lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 20 Feb 2017 12:40:11 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     "'Gustavo A. R. Silva'" <>,
        "" <>,
        "" <>
CC:     "" <>,
        "" <>,
        "Peter Senna Tschudin" <>
Subject: RE: [PATCH] usb: host: add cast to avoid potential integer overflow

From: Gustavo A. R. Silva
> Sent: 17 February 2017 00:17
> The type of variable 'sel' is unsigned int. Such variable is being used
> multiple times in a context that expects an expression of type unsigned
> long long. So, to avoid any potential integer overflow, a cast to type
> unsigned long long is added.
> -		timeout_ns = udev->u1_params.sel * 3;
> +		timeout_ns = (unsigned long long)udev->u1_params.sel * 3;

It is probably better to just change the constant to 3ull.
However I'd be tempted to look more closely at the valid values
for 'timeout_ns'.
It seems unlikely that that the timeout (in sel) will be near
enough to 4 seconds that multiplying by a small integer will
take the value over 4 seconds without requiring larger input
values be supported.

timeout_ns might even be being used in places where the value
has to be smaller than 1 second!


Powered by blists - more mailing lists