lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 29 Jan 2018 19:07:42 -0600
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     linux-media@...r.kernel.org, linux-rockchip@...ts.infradead.org,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Cc:     Mauro Carvalho Chehab <mchehab@...nel.org>,
        Hans Verkuil <hverkuil@...all.nl>,
        Jacob chen <jacob2.chen@...k-chips.com>,
        Heiko Stuebner <heiko@...ech.de>,
        Antti Palosaari <crope@....fi>,
        Ramesh Shanmugasundaram <ramesh.shanmugasundaram@...renesas.com>,
        "Gustavo A. R. Silva" <garsilva@...eddedor.com>
Subject: [PATCH resend 0/8] fix potential integer overflows

Hello,

I'm resending this cover letter due to a typo in the ARM and LKML
addresses in the previous e-mail.

This patchset aims to fix potential integer overflows reported
by Coverity.

In all cases the potential overflowing expressions are evaluated
using 32-bit arithmetic before being used in contexts that expect
a 64-bit arithmetic. So a cast to the proper type was added to each
of those expressions in order to avoid any potential integer overflow.

This also gives the compiler complete information about the proper
arithmetic for each expression and improves code quality.

Addresses the following Coverity IDs reported as
"Unintentional integer overflow" issues:

200604, 1056807, 1056808, 1271223,
1324146, 1392628, 1392630, 1446589,
1454996, 1458347.

Thank you

Gustavo A. R. Silva (8):
  rtl2832: fix potential integer overflow
  dvb-frontends: ves1820: fix potential integer overflow
  i2c: max2175: fix potential integer overflow in max2175_set_nco_freq
  i2c: ov9650: fix potential integer overflow in
    __ov965x_set_frame_interval
  pci: cx88-input: fix potential integer overflow
  rockchip/rga: fix potential integer overflow in rga_buf_map
  platform: sh_veu: fix potential integer overflow in
    sh_veu_colour_offset
  platform: vivid-cec: fix potential integer overflow in
    vivid_cec_pin_adap_events

 drivers/media/dvb-frontends/rtl2832.c         | 4 ++--
 drivers/media/dvb-frontends/ves1820.c         | 2 +-
 drivers/media/i2c/max2175.c                   | 2 +-
 drivers/media/i2c/ov9650.c                    | 2 +-
 drivers/media/pci/cx88/cx88-input.c           | 4 ++--
 drivers/media/platform/rockchip/rga/rga-buf.c | 2 +-
 drivers/media/platform/sh_veu.c               | 4 ++--
 drivers/media/platform/vivid/vivid-cec.c      | 2 +-
 8 files changed, 11 insertions(+), 11 deletions(-)

-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ