From: John Bottenberg <jobotten@microsoft.com>
Date: Sun, 19 Mar 2017 04:33:58 +0000 (-0700)
Subject: Remove potential overflow in SafeBSTRHandle (dotnet/coreclr#10182)
X-Git-Tag: submit/tizen/20210909.063632~11030^2~7654
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=1cf4e9c5e73a74355f6aae8c67dff03e7ba20f5b;p=platform%2Fupstream%2Fdotnet%2Fruntime.git

Remove potential overflow in SafeBSTRHandle (dotnet/coreclr#10182)



Commit migrated from https://github.com/dotnet/coreclr/commit/671701167d2dc8f0297f08c67482b565684d8c79
---

diff --git a/src/coreclr/src/mscorlib/src/System/Security/SafeBSTRHandle.cs b/src/coreclr/src/mscorlib/src/System/Security/SafeBSTRHandle.cs
index 19d63d4..a1164dc 100644
--- a/src/coreclr/src/mscorlib/src/System/Security/SafeBSTRHandle.cs
+++ b/src/coreclr/src/mscorlib/src/System/Security/SafeBSTRHandle.cs
@@ -13,7 +13,7 @@ namespace System.Security
 
         internal static SafeBSTRHandle Allocate(uint lenInChars)
         {
-            uint lenInBytes = lenInChars * sizeof(char);
+            ulong lenInBytes = (ulong)lenInChars * sizeof(char);
             SafeBSTRHandle bstr = Interop.OleAut32.SysAllocStringLen(IntPtr.Zero, lenInChars);
             if (bstr.IsInvalid) // SysAllocStringLen returns a NULL ptr when there's insufficient memory
             {