Commit d2c14c64 authored Mar 20, 2017 by Colin Ian King Committed by Mark Brown Mar 20, 2017

spi: loopback-test: fix potential integer overflow on multiple

A multiplication of 8U * xfer-len with the type of a 32 bit unsigned int
is evaluated using 32 bit arithmetic and then used in a context that
expects an expression of type unsigned long long (64 bits). Avoid any
potential overflow by casting BITS_PER_BYTE to unsigned long long.

Detected by CoverityScan, CID#1419691 ("Unintentional integer overflow")

Fixes: ea9936f3 ("spi: loopback-test: add elapsed time check")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Mark Brown <broonie@kernel.org>

parent 8687113e

drivers/spi/spi-loopback-test.c

+2 −1

Original line number	Diff line number	Diff line
		@@ -508,7 +508,8 @@ static int spi_test_check_elapsed_time(struct spi_device *spi,

		for (i = 0; i < test->transfer_count; i++) {
		struct spi_transfer *xfer = test->transfers + i;
		unsigned long long nbits = BITS_PER_BYTE * xfer->len;
		unsigned long long nbits = (unsigned long long)BITS_PER_BYTE *
		xfer->len;

		delay_usecs += xfer->delay_usecs;
		if (!xfer->speed_hz)