| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 May 2019 23:25:51 +0100
From: Colin King <colin.king@...onical.com>
To: Liam Girdwood <lgirdwood@...il.com>,
Mark Brown <broonie@...nel.org>,
Jaroslav Kysela <perex@...ex.cz>,
Takashi Iwai <tiwai@...e.com>,
Simon Ho <simon.ho@...exant.com>, alsa-devel@...a-project.org
Cc: kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH][next] ASoC: cx2072x: fix integer overflow on unsigned int multiply
From: Colin Ian King <colin.king@...onical.com>
In the case where frac_div larger than 96 the result of an unsigned
multiplication overflows an unsigned int. For example, this can
happen when the sample_rate is 192000 and pll_input is 122. Fix
this by casing the first term of the mutiply to a u64. Also remove
the extraneous parentheses around the expression.
Addresses-Coverity: ("Unintentional integer overflow")
Fixes: a497a4363706 ("ASoC: Add support for Conexant CX2072X CODEC")
Signed-off-by: Colin Ian King <colin.king@...onical.com>
---
sound/soc/codecs/cx2072x.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/soc/codecs/cx2072x.c b/sound/soc/codecs/cx2072x.c
index c11a585bbf70..e8e6fd2e97b6 100644
--- a/sound/soc/codecs/cx2072x.c
+++ b/sound/soc/codecs/cx2072x.c
@@ -627,7 +627,7 @@ static int cx2072x_config_pll(struct cx2072x_priv *cx2072x)
if (frac_div) {
frac_div *= 1000;
frac_div /= pll_input;
- frac_num = ((4000 + frac_div) * ((1 << 20) - 4));
+ frac_num = (u64)(4000 + frac_div) * ((1 << 20) - 4);
do_div(frac_num, 7);
frac = ((u32)frac_num + 499) / 1000;
}
--
2.20.1
Powered by blists - more mailing lists