lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 20 Feb 2017 12:40:11 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     "'Gustavo A. R. Silva'" <garsilva@...eddedor.com>,
        "mathias.nyman@...el.com" <mathias.nyman@...el.com>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
CC:     "linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "Peter Senna Tschudin" <peter.senna@...il.com>
Subject: RE: [PATCH] usb: host: add cast to avoid potential integer overflow

From: Gustavo A. R. Silva
> Sent: 17 February 2017 00:17
> The type of variable 'sel' is unsigned int. Such variable is being used
> multiple times in a context that expects an expression of type unsigned
> long long. So, to avoid any potential integer overflow, a cast to type
> unsigned long long is added.
...
> -		timeout_ns = udev->u1_params.sel * 3;
> +		timeout_ns = (unsigned long long)udev->u1_params.sel * 3;
...

It is probably better to just change the constant to 3ull.
However I'd be tempted to look more closely at the valid values
for 'timeout_ns'.
It seems unlikely that that the timeout (in sel) will be near
enough to 4 seconds that multiplying by a small integer will
take the value over 4 seconds without requiring larger input
values be supported.

timeout_ns might even be being used in places where the value
has to be smaller than 1 second!

	David

Powered by blists - more mailing lists