lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87sib336w4.wl%kuninori.morimoto.gx@renesas.com>
Date:	Mon, 11 May 2015 07:35:28 +0000
From:	Kuninori Morimoto <kuninori.morimoto.gx@...esas.com>
To:	Ulf Hansson <ulf.hansson@...aro.org>
CC:	<ryusuke.sakato.bx@...esas.com>,
	<yoshihiro.shimoda.uh@...esas.com>,
	<hiroyuki.yokoyama.vx@...esas.com>,
	<takeshi.kihara.df@...esas.com>,
	Jaehoon Chung <jh80.chung@...sung.com>,
	Chris Ball <chris@...ntf.net>,
	Seungwon Jeon <tgih.jun@...sung.com>,
	"Grégory Soutadé" 
	<gsoutade@...tion.com>, <linux-kernel@...r.kernel.org>,
	<linux-mmc@...r.kernel.org>
Subject: [PATCH 2/2 v2] mmc: cast unsigned int to typeof(sector_t) to avoid unexpected error

From: Kuninori Morimoto <kuninori.morimoto.gx@...esas.com>

card->csd.capacity is defined as "unsigned int", and sector_t is defined as
"u64" or "unsigned long" (depends on CONFIG_LBDAF). Thus, sector_t data
might have strange data (see below). This patch cast it to typeof(sector_t)
Special thanks to coverity <http://www.coverity.com>

ex) if sector_t was u64

        unsigned int data;
        sector_t sector;

        data = 0x800000;
        sector = (data << 8); // 0xffffffff80000000
        sector = (((typeof(sector_t))data) << 8); // 0x80000000

or

        data = 0x80000000;
        sector = (data << 8); // 0x0
        sector = (((typeof(sector_t))data) << 8); // 0x8000000000

Signed-off-by: Kuninori Morimoto <kuninori.morimoto.gx@...esas.com>
---
v1 -> v2

 - tidyup log comment
 - tidyup line over 80 characters

 drivers/mmc/card/block.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/mmc/card/block.c b/drivers/mmc/card/block.c
index 60f7141..029a872 100644
--- a/drivers/mmc/card/block.c
+++ b/drivers/mmc/card/block.c
@@ -2217,7 +2217,8 @@ static struct mmc_blk_data *mmc_blk_alloc(struct mmc_card *card)
 		 * The CSD capacity field is in units of read_blkbits.
 		 * set_capacity takes units of 512 bytes.
 		 */
-		size = card->csd.capacity << (card->csd.read_blkbits - 9);
+		size = (typeof(sector_t))card->csd.capacity
+			<< (card->csd.read_blkbits - 9);
 	}
 
 	return mmc_blk_alloc_req(card, &card->dev, size, false, NULL,
-- 
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ