| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHp75VfssNnd9zvNu+N9xc74RO+qBPC_qhF5ed_G8p5HJ8LWvw@mail.gmail.com> Date: Wed, 11 Dec 2024 13:51:31 +0200 From: Andy Shevchenko <andy.shevchenko@...il.com> To: Dan Carpenter <dan.carpenter@...aro.org> Cc: Esteban Blanc <eblanc@...libre.com>, Alexandre Belloni <alexandre.belloni@...tlin.com>, linux-rtc@...r.kernel.org, linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org Subject: Re: [PATCH] rtc: tps6594: Fix integer overflow on 32bit systems On Wed, Dec 11, 2024 at 11:32 AM Dan Carpenter <dan.carpenter@...aro.org> wrote: > > The problem is this multiply in tps6594_rtc_set_offset() > > tmp = offset * TICKS_PER_HOUR; > > The "tmp" variable is an s64 but "offset" is a long in the > (-277774)-277774 range. On 32bit systems a long can hold numbers up to > approximately two billion. The number of TICKS_PER_HOUR is really large, > (32768 * 3600) or roughly a hundred million. When you start multiplying > by a hundred million it doesn't take long to overflow the two billion > mark. > > Probably the safest way to fix this is to change the type of > TICKS_PER_HOUR to long long because it's such a large number. ... > -#define TICKS_PER_HOUR (32768 * 3600) > +#define TICKS_PER_HOUR (32768 * 3600LL) Hmm... And why signed? Wondering, do we deserve to have something like #define SEC_PER_HOUR 3600UL somewhere in the headers, if not already exists? -- With Best Regards, Andy Shevchenko
Powered by blists - more mailing lists