Date: Fri, 19 Apr 2024 09:48:11 +0000
From: Ricardo Ribalda <ribalda@...omium.org>
To: Martin Tuma <martin.tuma@...iteqautomotive.com>, 
 Mauro Carvalho Chehab <mchehab@...nel.org>, 
 Laurent Pinchart <laurent.pinchart@...asonboard.com>, 
 Hugues Fruchet <hugues.fruchet@...s.st.com>, 
 Alain Volmat <alain.volmat@...s.st.com>, 
 Maxime Coquelin <mcoquelin.stm32@...il.com>, 
 Alexandre Torgue <alexandre.torgue@...s.st.com>, 
 Paul Kocialkowski <paul.kocialkowski@...tlin.com>, 
 Greg Kroah-Hartman <gregkh@...uxfoundation.org>, 
 Chen-Yu Tsai <wens@...e.org>, Jernej Skrabec <jernej.skrabec@...il.com>, 
 Samuel Holland <samuel@...lland.org>, 
 Sakari Ailus <sakari.ailus@...ux.intel.com>, 
 Thierry Reding <thierry.reding@...il.com>, 
 Jonathan Hunter <jonathanh@...dia.com>, 
 Sowjanya Komatineni <skomatineni@...dia.com>, 
 Luca Ceresoli <luca.ceresoli@...tlin.com>, 
 Matthias Brugger <matthias.bgg@...il.com>, 
 AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>, 
 Hans Verkuil <hverkuil@...all.nl>, Sergey Kozlov <serjk@...up.ru>, 
 Abylay Ospan <aospan@...up.ru>, 
 Ezequiel Garcia <ezequiel@...guardiasur.com.ar>, 
 Dmitry Osipenko <digetx@...il.com>, 
 Benjamin Mugnier <benjamin.mugnier@...s.st.com>, 
 Sylvain Petinot <sylvain.petinot@...s.st.com>, 
 Stanimir Varbanov <stanimir.k.varbanov@...il.com>, 
 Vikash Garodia <quic_vgarodia@...cinc.com>, 
 Bryan O'Donoghue <bryan.odonoghue@...aro.org>, 
 Bjorn Andersson <andersson@...nel.org>, 
 Konrad Dybcio <konrad.dybcio@...aro.org>
Cc: linux-media@...r.kernel.org, linux-kernel@...r.kernel.org, 
 linux-stm32@...md-mailman.stormreply.com, 
 linux-arm-kernel@...ts.infradead.org, linux-staging@...ts.linux.dev, 
 linux-sunxi@...ts.linux.dev, linux-tegra@...r.kernel.org, 
 linux-mediatek@...ts.infradead.org, linux-arm-msm@...r.kernel.org, 
 Ricardo Ribalda <ribalda@...omium.org>, 
 Dan Carpenter <dan.carpenter@...aro.org>
Subject: [PATCH v2 25/26] media: dvb-frontends: tda10048: Fix integer
 overflow

state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer
when multiplied by pll_mfactor.

Create a new 64 bit variable to hold the calculations.

Reported-by: Dan Carpenter <dan.carpenter@...aro.org>
Signed-off-by: Ricardo Ribalda <ribalda@...omium.org>
---
 drivers/media/dvb-frontends/tda10048.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/drivers/media/dvb-frontends/tda10048.c b/drivers/media/dvb-frontends/tda10048.c
index 5d5e4e9e4422..3e725cdcc66b 100644
--- a/drivers/media/dvb-frontends/tda10048.c
+++ b/drivers/media/dvb-frontends/tda10048.c
@@ -410,6 +410,7 @@ static int tda10048_set_if(struct dvb_frontend *fe, u32 bw)
 	struct tda10048_config *config = &state->config;
 	int i;
 	u32 if_freq_khz;
+	u64 sample_freq;
 
 	dprintk(1, "%s(bw = %d)\n", __func__, bw);
 
@@ -451,9 +452,11 @@ static int tda10048_set_if(struct dvb_frontend *fe, u32 bw)
 	dprintk(1, "- pll_pfactor = %d\n", state->pll_pfactor);
 
 	/* Calculate the sample frequency */
-	state->sample_freq = state->xtal_hz * (state->pll_mfactor + 45);
-	state->sample_freq /= (state->pll_nfactor + 1);
-	state->sample_freq /= (state->pll_pfactor + 4);
+	sample_freq = state->xtal_hz;
+	sample_freq *= state->pll_mfactor + 45;
+	do_div(sample_freq, state->pll_nfactor + 1);
+	do_div(sample_freq, state->pll_pfactor + 4);
+	state->sample_freq = sample_freq;
 	dprintk(1, "- sample_freq = %d\n", state->sample_freq);
 
 	/* Update the I/F */
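
Review bot: the narrowing assignment `state->sample_freq = sample_freq;` at the end of the new calculation can silently truncate if the divided value does not fit the destination field. The following `dprintk` still prints `state->sample_freq` with `%d`, which suggests a 32-bit field, and nothing in this hunk bounds the quotient after the two `do_div()` calls. Consider checking the 64-bit result before storing it (for example returning -EINVAL when `sample_freq > U32_MAX`, since `tda10048_set_if()` returns int), or add a comment stating why the result always fits given the allowed PLL factor ranges. A minor point on the commit message: it says the overflow comes from multiplying by pll_mfactor, while the code multiplies by `state->pll_mfactor + 45`.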

-- 
2.44.0.769.g3c40516874-goog

