Prefer constant division over multiplication for length checks

channels/cliprdr/server/cliprdr_main.c

@@ -556,7 +556,9 @@ static UINT cliprdr_server_receive_temporary_directory(CliprdrServerContext* con
 	UINT error = CHANNEL_RC_OK;
 
 	WINPR_UNUSED(header);
-	if ((slength = Stream_GetRemainingLength(s)) < 260 * sizeof(WCHAR))
+
+	slength = Stream_GetRemainingLength(s);
+	if (slength / sizeof(WCHAR) < 260)
 	{
 		WLog_ERR(TAG, "Stream_GetRemainingLength returned %" PRIuz " but should at least be 520",
 		         slength);

channels/disp/server/disp_main.c

@@ -152,7 +152,7 @@ static UINT disp_recv_display_control_monitor_layout_pdu(wStream* s, DispServerC
 		return ERROR_INVALID_DATA;
 	}
 
-	if (Stream_GetRemainingLength(s) < DISPLAY_CONTROL_MONITOR_LAYOUT_SIZE * pdu.NumMonitors)
+	if (Stream_GetRemainingLength(s) / DISPLAY_CONTROL_MONITOR_LAYOUT_SIZE < pdu.NumMonitors)
 	{
 		WLog_ERR(TAG, "not enough data!");
 		return ERROR_INVALID_DATA;

channels/encomsp/client/encomsp_main.c

@@ -100,7 +100,7 @@ static UINT encomsp_read_unicode_string(wStream* s, ENCOMSP_UNICODE_STRING* str)
 		return ERROR_INVALID_DATA;
 	}
 
-	if (Stream_GetRemainingLength(s) < (size_t)(str->cchString * 2))
+	if (Stream_GetRemainingLength(s) / sizeof(WCHAR) < str->cchString)
 	{
 		WLog_ERR(TAG, "Not enough data!");
 		return ERROR_INVALID_DATA;

channels/rdpgfx/client/rdpgfx_codec.c

@@ -56,7 +56,7 @@ static UINT rdpgfx_read_h264_metablock(RDPGFX_PLUGIN* gfx, wStream* s, RDPGFX_H2
 
 	Stream_Read_UINT32(s, meta->numRegionRects); /* numRegionRects (4 bytes) */
 
-	if (Stream_GetRemainingLength(s) < (meta->numRegionRects * 8))
+	if (Stream_GetRemainingLength(s) / 8 < meta->numRegionRects)
 	{
 		WLog_ERR(TAG, "not enough data!");
 		goto error_out;
@@ -99,7 +99,7 @@ static UINT rdpgfx_read_h264_metablock(RDPGFX_PLUGIN* gfx, wStream* s, RDPGFX_H2
 		         index, regionRect->left, regionRect->top, regionRect->right, regionRect->bottom);
 	}
 
-	if (Stream_GetRemainingLength(s) < (meta->numRegionRects * 2))
+	if (Stream_GetRemainingLength(s) / 2 < meta->numRegionRects)
 	{
 		WLog_ERR(TAG, "not enough data!");
 		error = ERROR_INVALID_DATA;

channels/rdpgfx/client/rdpgfx_main.c

@@ -562,7 +562,7 @@ static UINT rdpgfx_recv_reset_graphics_pdu(RDPGFX_CHANNEL_CALLBACK* callback, wS
 	Stream_Read_UINT32(s, pdu.height);       /* height (4 bytes) */
 	Stream_Read_UINT32(s, pdu.monitorCount); /* monitorCount (4 bytes) */
 
-	if (Stream_GetRemainingLength(s) < (pdu.monitorCount * 20))
+	if (Stream_GetRemainingLength(s) / 20 < pdu.monitorCount)
 	{
 		WLog_Print(gfx->log, WLOG_ERROR, "not enough data!");
 		return ERROR_INVALID_DATA;
@@ -682,7 +682,7 @@ static UINT rdpgfx_recv_cache_import_reply_pdu(RDPGFX_CHANNEL_CALLBACK* callback
 
 	Stream_Read_UINT16(s, pdu.importedEntriesCount); /* cacheSlot (2 bytes) */
 
-	if (Stream_GetRemainingLength(s) < (size_t)(pdu.importedEntriesCount * 2))
+	if (Stream_GetRemainingLength(s) / 2 < pdu.importedEntriesCount)
 	{
 		WLog_Print(gfx->log, WLOG_ERROR, "not enough data!");
 		return ERROR_INVALID_DATA;
@@ -1159,7 +1159,7 @@ static UINT rdpgfx_recv_solid_fill_pdu(RDPGFX_CHANNEL_CALLBACK* callback, wStrea
 
 	Stream_Read_UINT16(s, pdu.fillRectCount); /* fillRectCount (2 bytes) */
 
-	if (Stream_GetRemainingLength(s) < (size_t)(pdu.fillRectCount * 8))
+	if (Stream_GetRemainingLength(s) / 8 < pdu.fillRectCount)
 	{
 		WLog_Print(gfx->log, WLOG_ERROR, "not enough data!");
 		return ERROR_INVALID_DATA;
@@ -1352,7 +1352,7 @@ static UINT rdpgfx_recv_cache_to_surface_pdu(RDPGFX_CHANNEL_CALLBACK* callback,
 	Stream_Read_UINT16(s, pdu.surfaceId);    /* surfaceId (2 bytes) */
 	Stream_Read_UINT16(s, pdu.destPtsCount); /* destPtsCount (2 bytes) */
 
-	if (Stream_GetRemainingLength(s) < (size_t)(pdu.destPtsCount * 4))
+	if (Stream_GetRemainingLength(s) / 4 < pdu.destPtsCount)
 	{
 		WLog_Print(gfx->log, WLOG_ERROR, "not enough data!");
 		return ERROR_INVALID_DATA;

channels/rdpgfx/server/rdpgfx_main.c

@@ -1149,7 +1149,7 @@ static UINT rdpgfx_recv_cache_import_offer_pdu(RdpgfxServerContext* context, wSt
 		return ERROR_INVALID_DATA;
 	}
 
-	if (Stream_GetRemainingLength(s) < (pdu.cacheEntriesCount * 12ULL))
+	if (Stream_GetRemainingLength(s) / 12 < pdu.cacheEntriesCount)
 	{
 		WLog_ERR(TAG, "not enough data!");
 		return ERROR_INVALID_DATA;

channels/rdpsnd/server/rdpsnd_main.c

@@ -159,7 +159,7 @@ static UINT rdpsnd_server_recv_formats(RdpsndServerContext* context, wStream* s)
 	Stream_Seek_UINT8(s);                               /* bPad */
 
 	/* this check is only a guess as cbSize can influence the size of a format record */
-	if (Stream_GetRemainingLength(s) < context->num_client_formats * 18ULL)
+	if (Stream_GetRemainingLength(s) / 18 < context->num_client_formats)
 	{
 		WLog_ERR(TAG, "not enough data in stream!");
 		return ERROR_INVALID_DATA;

channels/urbdrc/client/data_transfer.c

@@ -801,7 +801,7 @@ static UINT urb_isoch_transfer(IUDEVICE* pdev, URBDRC_CHANNEL_CALLBACK* callback
 	Stream_Read_UINT32(s, NumberOfPackets); /** NumberOfPackets */
 	Stream_Read_UINT32(s, ErrorCount);      /** ErrorCount */
 
-	if (Stream_GetRemainingLength(s) < NumberOfPackets * 12 + 4)
+	if (Stream_GetRemainingLength(s) < NumberOfPackets * 12ULL + 4ULL)
 		return ERROR_INVALID_DATA;
 
 	packetDescriptorData = Stream_Pointer(s);

libfreerdp/codec/clear.c

@@ -157,7 +157,7 @@ static BOOL clear_decompress_subcode_rlex(wStream* s, UINT32 bitmapDataByteCount
 		return FALSE;
 	}
 
-	if (Stream_GetRemainingLength(s) < 3ULL * paletteCount)
+	if (Stream_GetRemainingLength(s) / 3 < paletteCount)
 		return FALSE;
 
 	for (i = 0; i < paletteCount; i++)
@@ -718,7 +718,7 @@ static BOOL clear_decompress_bands_data(CLEAR_CONTEXT* clear, wStream* s, UINT32
 					return FALSE;
 				}
 
-				if (Stream_GetRemainingLength(s) < (vBarShortPixelCount * 3))
+				if (Stream_GetRemainingLength(s) / 3 < vBarShortPixelCount)
 				{
 					WLog_ERR(TAG, "stream short %" PRIuz " [%" PRIu32 " expected]",
 					         Stream_GetRemainingLength(s), (vBarShortPixelCount * 3));

libfreerdp/codec/rfx.c

@@ -526,7 +526,7 @@ static BOOL rfx_process_message_channels(RFX_CONTEXT* context, wStream* s)
 		return FALSE;
 	}
 
-	if (Stream_GetRemainingLength(s) < (size_t)(numChannels * 5))
+	if (Stream_GetRemainingLength(s) / 5 < numChannels)
 	{
 		WLog_ERR(TAG, "RfxMessageChannels packet too small for numChannels=%" PRIu8 "",
 		         numChannels);
@@ -702,7 +702,7 @@ static BOOL rfx_process_message_region(RFX_CONTEXT* context, RFX_MESSAGE* messag
 		return TRUE;
 	}
 
-	if (Stream_GetRemainingLength(s) < (size_t)(8 * message->numRects))
+	if (Stream_GetRemainingLength(s) / 8 < message->numRects)
 	{
 		WLog_ERR(TAG, "%s: packet too small for num_rects=%" PRIu16 "", __FUNCTION__,
 		         message->numRects);
@@ -830,7 +830,7 @@ static BOOL rfx_process_message_tileset(RFX_CONTEXT* context, RFX_MESSAGE* messa
 	quants = context->quants = (UINT32*)pmem;
 
 	/* quantVals */
-	if (Stream_GetRemainingLength(s) < (size_t)(context->numQuant * 5))
+	if (Stream_GetRemainingLength(s) / 5 < context->numQuant)
 	{
 		WLog_ERR(TAG, "RfxMessageTileSet packet too small for num_quants=%" PRIu8 "",
 		         context->numQuant);

libfreerdp/codec/zgfx.c

@@ -409,7 +409,7 @@ int zgfx_decompress(ZGFX_CONTEXT* zgfx, const BYTE* pSrcData, UINT32 SrcSize, BY
 		Stream_Read_UINT16(stream, segmentCount);     /* segmentCount (2 bytes) */
 		Stream_Read_UINT32(stream, uncompressedSize); /* uncompressedSize (4 bytes) */
 
-		if (Stream_GetRemainingLength(stream) < segmentCount * sizeof(UINT32))
+		if (Stream_GetRemainingLength(stream) / sizeof(UINT32) < segmentCount)
 			goto fail;
 
 		pConcatenated = (BYTE*)malloc(uncompressedSize);

libfreerdp/core/gcc.c

@@ -1750,7 +1750,7 @@ BOOL gcc_read_server_network_data(wStream* s, rdpMcs* mcs)
 			parsedChannelCount = mcs->channelCount;
 	}
 
-	if (Stream_GetRemainingLength(s) < (size_t)channelCount * 2)
+	if (Stream_GetRemainingLength(s) / 2 < channelCount)
 		return FALSE;
 
 	for (i = 0; i < parsedChannelCount; i++)

libfreerdp/core/input.c

@@ -612,7 +612,7 @@ BOOL input_recv(rdpInput* input, wStream* s)
 	Stream_Seek(s, 2);                   /* pad2Octets (2 bytes) */
 
 	/* Each input event uses 6 exactly bytes. */
-	if (Stream_GetRemainingLength(s) < (size_t)(6 * numberEvents))
+	if (Stream_GetRemainingLength(s) / 6 < numberEvents)
 		return FALSE;
 
 	for (i = 0; i < numberEvents; i++)

libfreerdp/core/orders.c

@@ -2409,7 +2409,7 @@ static CACHE_COLOR_TABLE_ORDER* update_read_cache_color_table_order(rdpUpdate* u
 		goto fail;
 	}
 
-	if (Stream_GetRemainingLength(s) < cache_color_table->numberColors * 4)
+	if (Stream_GetRemainingLength(s) / 4 < cache_color_table->numberColors)
 		goto fail;
 
 	colorTable = (UINT32*)&cache_color_table->colorTable;
@@ -2664,7 +2664,7 @@ static BOOL update_decompress_brush(wStream* s, BYTE* output, size_t outSize, BY
 	const BYTE* palette = Stream_Pointer(s) + 16;
 	const size_t bytesPerPixel = ((bpp + 1) / 8);
 
-	if (Stream_GetRemainingLength(s) < 16 + bytesPerPixel * 4)
+	if (Stream_GetRemainingLength(s) < 16ULL + bytesPerPixel * 4ULL)
 		return FALSE;
 
 	for (y = 7; y >= 0; y--)
@@ -2763,7 +2763,7 @@ static CACHE_BRUSH_ORDER* update_read_cache_brush_order(rdpUpdate* update, wStre
 				/* uncompressed brush */
 				UINT32 scanline = (cache_brush->bpp / 8) * 8;
 
-				if (Stream_GetRemainingLength(s) < scanline * 8)
+				if (Stream_GetRemainingLength(s) / 8 < scanline)
 					goto fail;
 
 				for (i = 7; i >= 0; i--)
@@ -2889,7 +2889,7 @@ update_read_create_offscreen_bitmap_order(wStream* s,
 			deleteList->indices = new_indices;
 		}
 
-		if (Stream_GetRemainingLength(s) < 2 * deleteList->cIndices)
+		if (Stream_GetRemainingLength(s) / 2 < deleteList->cIndices)
 			return FALSE;
 
 		for (i = 0; i < deleteList->cIndices; i++)

libfreerdp/core/update.c

@@ -272,7 +272,7 @@ PALETTE_UPDATE* update_read_palette(rdpUpdate* update, wStream* s)
 	if (palette_update->number > 256)
 		palette_update->number = 256;
 
-	if (Stream_GetRemainingLength(s) < palette_update->number * 3)
+	if (Stream_GetRemainingLength(s) / 3 < palette_update->number)
 		goto fail;
 
 	/* paletteEntries */
@@ -2122,7 +2122,7 @@ BOOL update_read_refresh_rect(rdpUpdate* update, wStream* s)
 	Stream_Read_UINT8(s, numberOfAreas);
 	Stream_Seek(s, 3); /* pad3Octects */
 
-	if (Stream_GetRemainingLength(s) < ((size_t)numberOfAreas * 4 * 2))
+	if (Stream_GetRemainingLength(s) / 8 < numberOfAreas)
 		return FALSE;
 
 	areas = (RECTANGLE_16*)calloc(numberOfAreas, sizeof(RECTANGLE_16));

libfreerdp/core/window.c

@@ -373,7 +373,7 @@ static BOOL update_read_window_state_order(wStream* s, WINDOW_ORDER_INFO* orderI
 
 			windowState->windowRects = newRect;
 
-			if (Stream_GetRemainingLength(s) < 8 * windowState->numWindowRects)
+			if (Stream_GetRemainingLength(s) / 8 < windowState->numWindowRects)
 				return FALSE;
 
 			/* windowRects */
@@ -417,7 +417,7 @@ static BOOL update_read_window_state_order(wStream* s, WINDOW_ORDER_INFO* orderI
 
 			windowState->visibilityRects = newRect;
 
-			if (Stream_GetRemainingLength(s) < windowState->numVisibilityRects * 8)
+			if (Stream_GetRemainingLength(s) / 8 < windowState->numVisibilityRects)
 				return FALSE;
 
 			/* visibilityRects */
@@ -901,7 +901,7 @@ static BOOL update_read_desktop_actively_monitored_order(wStream* s, WINDOW_ORDE
 
 		Stream_Read_UINT8(s, monitored_desktop->numWindowIds); /* numWindowIds (1 byte) */
 
-		if (Stream_GetRemainingLength(s) < 4 * monitored_desktop->numWindowIds)
+		if (Stream_GetRemainingLength(s) / 4 < monitored_desktop->numWindowIds)
 			return FALSE;
 
 		if (monitored_desktop->numWindowIds > 0)