Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-18 06:15:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

[media] msi001: fix possible integer overflow

Browse Source 
Coverity CID 1196502: Unintentional integer overflow
(OVERFLOW_BEFORE_WIDEN)

Potentially overflowing expression "(f_rf + f_if + f_if1) * lo_div"
with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit
arithmetic before being used in a context which expects an expression
of type "u64" (64 bits, unsigned). To avoid overflow, cast either
operand to "u64" before performing the multiplication.

Reported-by: <scan-admin@coverity.com>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
This commit is contained in:
Antti Palosaari 2014-04-05 17:23:41 -03:00 committed by Mauro Carvalho Chehab
parent 773bcf8c9c
commit 82932d4cff
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
drivers/staging/media/msi3101/msi001.c
View File

@ -201,7 +201,7 @@ static int msi001_set_tuner(struct msi001 *s)
dev_dbg(&s->spi->dev, "%s: bandwidth selected=%d\n",
__func__, bandwidth_lut[i].freq);
f_vco = (f_rf + f_if + f_if1) * lo_div;
f_vco = (u64) (f_rf + f_if + f_if1) * lo_div;
tmp64 = f_vco;
m = do_div(tmp64, F_REF * R_REF);
n = (unsigned int) tmp64;