staging: unisys: visorbus: address theoretical int overflows
Add necessary casting to several places where we were doing 32-bit arithmetic (unsigned) to produce a 64-bit (unsigned long) result, to prevent the theoretical possibility of a 32-bit overflow during the arithmetic. FYI, these are unsigned long: ctx->param_bytes ctx->allocbytes These are unsigned int: bytes phdr->name_offset phdr->name_length Here is the test program demonstrating why we really need the casts: void main() { unsigned int i; unsigned long il; printf("sizeof(int) =%dn",sizeof(i)); printf("sizeof(long)=%dn",sizeof(il)); i = (unsigned int)((((unsigned long)(1)) << 32) - 1); printf("i = %un", i); il = i+1; printf("adding 1 withOUT cast = %lun", il); il = (unsigned long)i+1; printf("adding 1 WITH cast = %lun", il); } [selltc@mac tmp]$ gcc x.c -o x.out [selltc@mac tmp]$ ./x.out sizeof(int) =4 sizeof(long)=8 i = 4294967295 adding 1 withOUT cast = 0 adding 1 WITH cast = 4294967296 Signed-off-by: Tim Sell <Timothy.Sell@unisys.com> Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Kershner <david.kershner@unisys.com> Reviewed-by: David Binder <david.binder@unisys.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Showing
Please register or sign in to comment