lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 4 Jul 2021 17:36:39 +0100
From:   Jonathan Cameron <jic23@...nel.org>
To:     Liam Beguin <liambeguin@...il.com>
Cc:     peda@...ntia.se, lars@...afoo.de, pmeerw@...erw.net,
        linux-kernel@...r.kernel.org, linux-iio@...r.kernel.org,
        devicetree@...r.kernel.org, robh+dt@...nel.org
Subject: Re: [PATCH v3 04/10] iio: afe: rescale: reduce risk of integer
 overflow

On Wed, 30 Jun 2021 21:00:28 -0400
Liam Beguin <liambeguin@...il.com> wrote:

> From: Liam Beguin <lvb@...hos.com>
> 
> Reduce the risk of integer overflow by doing the scale calculation with
> 64bit integers and looking for a Greatest Common Divider for both parts
> of the fractional value.
> 
> Signed-off-by: Liam Beguin <lvb@...hos.com>
> ---
>  drivers/iio/afe/iio-rescale.c | 10 +++++++---
>  1 file changed, 7 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/iio/afe/iio-rescale.c b/drivers/iio/afe/iio-rescale.c
> index 774eb3044edd..98bcb5d418d6 100644
> --- a/drivers/iio/afe/iio-rescale.c
> +++ b/drivers/iio/afe/iio-rescale.c
> @@ -39,7 +39,8 @@ static int rescale_read_raw(struct iio_dev *indio_dev,
>  			    int *val, int *val2, long mask)
>  {
>  	struct rescale *rescale = iio_priv(indio_dev);
> -	unsigned long long tmp;
> +	s64 tmp, tmp2;
> +	u32 factor;
>  	int ret;
>  
>  	switch (mask) {
> @@ -67,8 +68,11 @@ static int rescale_read_raw(struct iio_dev *indio_dev,
>  		}
>  		switch (ret) {
>  		case IIO_VAL_FRACTIONAL:
> -			*val *= rescale->numerator;
> -			*val2 *= rescale->denominator;
> +			tmp = (s64)*val * rescale->numerator;
> +			tmp2 = (s64)*val2 * rescale->denominator;
> +			factor = gcd(tmp, tmp2);

Hmm. I wonder if there are cases where this doesn't work and we end up
truncating because the gcd is say 1.  If all of val, val2, rescale->numerator,
rescale->denominator are primes and the rescale values are moderately large
then that might happen.  We probably need a fallback position.  Perhaps 
check tmp / factor and temp2/factor will fit in an int. If not, shift them until
they do even if we have to dump some precision to do so.

This stuff is getting fiddly enough we might want to figure out some self tests
that exercise the various cases.

> +			*val = tmp / factor;
> +			*val2 = tmp2 / factor;

This is doing 64 bit numbers divided by 32 bit ones. Doesn't that require
use of do_div() etc on 32 bit platforms?

>  			return ret;
>  		case IIO_VAL_INT:
>  			*val *= rescale->numerator;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ