diff mbox series

drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get()

Message ID 20241211122026.797511-1-karprzy7@gmail.com (mailing list archive)
State New
Headers show
Series drm: zynqmp_dp: Fix integer overflow in zynqmp_dp_rate_get() | expand

Commit Message

Karol Przybylski Dec. 11, 2024, 12:20 p.m. UTC 
This patch fixes a potential integer overflow in the zynqmp_dp_rate_get() function.

The issue comes up when the expression drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit arithmetic.

Now the constant is casted to compatible u64 type.

Resolves CID 1636340 and CID 1635811

Signed-off-by: Karol Przybylski <karprzy7@gmail.com>
---
 drivers/gpu/drm/xlnx/zynqmp_dp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/drivers/gpu/drm/xlnx/zynqmp_dp.c b/drivers/gpu/drm/xlnx/zynqmp_dp.c
index 25c5dc61e..55e92344b 100644
--- a/drivers/gpu/drm/xlnx/zynqmp_dp.c
+++ b/drivers/gpu/drm/xlnx/zynqmp_dp.c
@@ -2190,7 +2190,7 @@  static int zynqmp_dp_rate_get(void *data, u64 *val)
 	struct zynqmp_dp *dp = data;
 
 	mutex_lock(&dp->lock);
-	*val = drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000;
+	*val = drm_dp_bw_code_to_link_rate(dp->test.bw_code) * (u64)10000;
 	mutex_unlock(&dp->lock);
 	return 0;
 }