[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <c1b6b4cc-bc94-8ed6-0098-de9e5321722a@canonical.com>
Date: Fri, 20 Dec 2019 23:49:02 +0000
From: Colin Ian King <colin.king@...onical.com>
To: Jose Abreu <joabreu@...opsys.com>,
"David S. Miller" <davem@...emloft.net>,
Giuseppe Cavallaro <peppe.cavallaro@...com>,
Alexandre Torgue <alexandre.torgue@...com>,
Maxime Coquelin <mcoquelin.stm32@...il.com>,
netdev@...r.kernel.org,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: re: net: stmmac: Add basic EST support for GMAC5+
Hi,
Static analysis with Coverity has detected a potential issue with the
following commit:
commit 504723af0d85434be5fb6f2dde0b62644a7f1ead
Author: Jose Abreu <joabreu@...opsys.com>
Date: Wed Dec 18 11:33:05 2019 +0100
net: stmmac: Add basic EST support for GMAC5+
In function dwmac5_est_configure() we have a u64 total_ctr being
assigned as follows:
total_ctr = cfg->ctr[0] + cfg->ctr[1] * 1000000000;
The cfg->ctr[1] is a u32, the multiplication of cfg->ctr[1] is a u32
multiplication operation, so multiplying by 1000000000 can potentially
cause an overflow. Either cfg->ctr[1] needs to be cast to a u64 or
1000000000 should be at least a 1000000000UL to avoid this overflow. I
was going to fix this but on further inspection I was not sure if the
original code was intended as:
total_ctr = cfg->ctr[0] + cfg->ctr[1] * 1000000000UL;
or:
total_ctr = (cfg->ctr[0] + cfg->ctr[1]) * 1000000000UL;
..hence I'm flagging this up as potential error.
Colin
Powered by blists - more mailing lists