Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2815567imm; Mon, 24 Sep 2018 10:21:03 -0700 (PDT) X-Google-Smtp-Source: ACcGV61Ihm2nqYcpJIkOyNvEmK87UVFGdOkmVcs9LwZ+eTN4zSQ4a6L7spJwgeLO9CZRdJpJstLX X-Received: by 2002:a63:5c5d:: with SMTP id n29-v6mr10560280pgm.253.1537809663620; Mon, 24 Sep 2018 10:21:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537809663; cv=none; d=google.com; s=arc-20160816; b=YtfFfibSDQ0aRelJq21lxZEPJPm0hMU3+78pcm04yJsT/FaPzgv9CZzewBdHOp0A7/ Lc3tJGqhVIhlKxk8Na3RGzaSgd+u3lIiyfNIT9nSj6AFtc1DtVPh1DQ1Ub4dOp480bR4 oc+ObK2ldHP44A7waDp5Ev/lYPJZ/KVzUSb5J8YLc+mQfhDSkE8zL9MKYxsaq3BzIiv3 V2IeOp1pOjuA4yc/pdE9EijITFPmLKsBsXDNg+OSO6k6ZaNkNw61p404csua/B61hNX7 EbFV9uAKQYjyyJcy+vejS5VDRdlLmwPOPOdtlfx72reh8zVgsuuJH01Fbsff2JvZO/C+ 5GCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:references:cc:to:from:subject; bh=iegOZjPetTp3zMHuRT7Wrw+gJxsjWVXEkOQyqFrmK+k=; b=eedc5e5+QUX4IAPIi8SXlkhNqc+XKWhrrlaKgVKwCyaEyQQXqmow/XHX0incZC1QfK lNiU4CXExpoOE0R2o0mb45Y9XeBGhjsbdnI+xIcmg7KBlhxbnnvfM7VS2E7xW/2h1KjL R7HA6T0npfI4gHCVvtHvZ9AkZqglgWUrR3CKl8FZfdoDsp91mQBwgFqREQSy5RvJKo01 6Uv9hMmzZ9FGSKg8/+HFM5xAQcTlNqT6aB66XrF+zcz8uSzTrrAF/KAks9Yhjn+ucLdo Lsfuqu0aKTGKvfwF8wdOch07A2AfGHIwjKGwNHWkgVFg1yB1WanSkiM+DbFbF5VXOvKY fVfQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p15-v6si10171708pgr.336.2018.09.24.10.20.47; Mon, 24 Sep 2018 10:21:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1733262AbeIXXWs (ORCPT + 99 others); Mon, 24 Sep 2018 19:22:48 -0400 Received: from www381.your-server.de ([78.46.137.84]:49298 "EHLO www381.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729351AbeIXXWr (ORCPT ); Mon, 24 Sep 2018 19:22:47 -0400 Received: from [78.46.172.2] (helo=sslproxy05.your-server.de) by www381.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from ) id 1g4UWF-0003Tg-3R; Mon, 24 Sep 2018 19:19:35 +0200 Received: from [188.174.126.27] (helo=[192.168.178.22]) by sslproxy05.your-server.de with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1g4UWE-0005v4-SN; Mon, 24 Sep 2018 19:19:34 +0200 Subject: Re: [PATCH] iio: adc: Fix potential integer overflow From: Lars-Peter Clausen To: Jonathan Cameron , "Gustavo A. R. Silva" Cc: Hartmut Knaack , Peter Meerwald-Stadler , linux-iio@vger.kernel.org, linux-kernel@vger.kernel.org References: <20180918125314.GA12752@embeddedor.com> <20180922144230.7d5e6c80@archlinux> Message-ID: <01297ad3-34a9-994a-f6f4-874dfeb9242b@metafoo.de> Date: Mon, 24 Sep 2018 19:19:34 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: lars@metafoo.de X-Virus-Scanned: Clear (ClamAV 0.100.1/24981/Mon Sep 24 15:50:40 2018) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/24/2018 07:18 PM, Lars-Peter Clausen wrote: > On 09/22/2018 03:42 PM, Jonathan Cameron wrote: >> On Tue, 18 Sep 2018 07:53:14 -0500 >> "Gustavo A. R. Silva" wrote: >> >>> Cast factor to s64 in order to give the compiler complete information >>> about the proper arithmetic to use and avoid a potential integer >>> overflow. Notice that such variable is being used in a context >>> that expects an expression of type s64 (64 bits, signed). >>> >>> Addresses-Coverity-ID: 1324146 ("Unintentional integer overflow") >>> Fixes: e13d757279bb ("iio: adc: Add QCOM SPMI PMIC5 ADC driver") >>> Signed-off-by: Gustavo A. R. Silva >>> --- >>> drivers/iio/adc/qcom-vadc-common.c | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/drivers/iio/adc/qcom-vadc-common.c b/drivers/iio/adc/qcom-vadc-common.c >>> index dcd7fb5..e360e27 100644 >>> --- a/drivers/iio/adc/qcom-vadc-common.c >>> +++ b/drivers/iio/adc/qcom-vadc-common.c >>> @@ -282,7 +282,7 @@ static int qcom_vadc_scale_code_voltage_factor(u16 adc_code, >>> voltage = div64_s64(voltage, data->full_scale_code_volt); >>> if (voltage > 0) { >>> voltage *= prescale->den; >>> - temp = prescale->num * factor; >>> + temp = prescale->num * (s64)factor; >> So factor is an unsigned int so could be 32 bits. In reality it only >> takes a small set of values between 1 and 1000 >> >> Maximum numerator is 10 so a maximum of 10,000. >> >> Hence this is a false positive, be it one that would be very hard >> for a static checker to identify. > > I think the reason why it complains is because temp is s64. So it infers > that the idea was that the result of the multiplication can be larger > than 64 bit. For 32bit * 32bit -> 32bit it should not complain. "lager than 32 bit" > >> >> So that moves it from a fix to a warning suppression change. >> I have no problem with those, but description needs to reflect that. > > Maybe just change the type of temp to u32. There is also > mul_u64_u32_div() which could be used here to further simplify things. >