From patchwork Tue Oct 22 11:49:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Colin King X-Patchwork-Id: 11204315 X-Patchwork-Delegate: eduardo.valentin@ti.com Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 59D2C14E5 for ; Tue, 22 Oct 2019 11:49:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 35B5421872 for ; Tue, 22 Oct 2019 11:49:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388205AbfJVLtP (ORCPT ); Tue, 22 Oct 2019 07:49:15 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:38152 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388204AbfJVLtP (ORCPT ); Tue, 22 Oct 2019 07:49:15 -0400 Received: from 1.general.cking.uk.vpn ([10.172.193.212] helo=localhost) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iMsf1-0007KS-67; Tue, 22 Oct 2019 11:49:11 +0000 From: Colin King To: Amit Kucheria , Andy Gross , Zhang Rui , Eduardo Valentin , Daniel Lezcano , Stephen Boyd , linux-pm@vger.kernel.org, linux-arm-msm@vger.kernel.org Cc: kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH][next] drivers: thermal: tsens: fix potential integer overflow on multiply Date: Tue, 22 Oct 2019 12:49:10 +0100 Message-Id: <20191022114910.652-1-colin.king@canonical.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Sender: linux-pm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pm@vger.kernel.org From: Colin Ian King Currently a multiply operation is being performed on two int values and the result is being assigned to a u64, presumably because the end result is expected to be probably larger than an int. However, because the multiply is an int multiply one can get overflow. Avoid the overflow by casting degc to a u64 to force a u64 multiply. Addresses-Coverity: ("Unintentional integer overflow") Fixes: fbfe1a042cfd ("drivers: thermal: tsens: Add interrupt support") Signed-off-by: Colin Ian King --- drivers/thermal/qcom/tsens-common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/thermal/qcom/tsens-common.c b/drivers/thermal/qcom/tsens-common.c index 03bf1b8133ea..3d7855106ecd 100644 --- a/drivers/thermal/qcom/tsens-common.c +++ b/drivers/thermal/qcom/tsens-common.c @@ -92,7 +92,7 @@ void compute_intercept_slope(struct tsens_priv *priv, u32 *p1, static inline u32 degc_to_code(int degc, const struct tsens_sensor *s) { - u64 code = (degc * s->slope + s->offset) / SLOPE_FACTOR; + u64 code = ((u64)degc * s->slope + s->offset) / SLOPE_FACTOR; pr_debug("%s: raw_code: 0x%llx, degc:%d\n", __func__, code, degc); return clamp_val(code, THRESHOLD_MIN_ADC_CODE, THRESHOLD_MAX_ADC_CODE);