Message ID | 20241022195500.8805-1-zichenxie0106@gmail.com (mailing list archive) |
---|---|
State | Changes Requested, archived |
Headers | show |
Series | [v2] clk: sophgo: Cast an operand to u64 to prevent potential unsigned long overflow on 32-bit machine in sg2042_pll_recalc_rate() | expand |
On Tue, Oct 22, 2024 at 02:55:01PM -0500, Gax-c wrote: > From: Zichen Xie <zichenxie0106@gmail.com> > > This was found by a static analyzer. > There may be a potential integer overflow issue in > sg2042_pll_recalc_rate(). numerator is defined as u64 while > parent_rate is defined as unsigned long and ctrl_table.fbdiv > is defined as unsigned int. On 32-bit machine, the result of > the calculation will be limited to "u32" without correct casting. > Integer overflow may occur on high-performance systems. Fine. > For the same reason, adding a cast to denominator could be better. > So, we recommend adding an extra cast to prevent potential > integer overflow. I wish you had removed this or said that "We recommended that we cast the denominator as well but Dan Carpenter said that it was a max of 3087 and was not even vaguely close to the 4 billion mark needed to overflow a u32 ;)". > > Fixes: 48cf7e01386e ("clk: sophgo: Add SG2042 clock driver") > Signed-off-by: Zichen Xie <zichenxie0106@gmail.com> > --- > v2: modified patch to numerator casting only. Otherwise, looks good. regards, dan carpenter
On 2024/10/22 15:01, Dan Carpenter wrote: > On Tue, Oct 22, 2024 at 02:55:01PM -0500, Gax-c wrote: >> From: Zichen Xie <zichenxie0106@gmail.com> >> >> This was found by a static analyzer. >> There may be a potential integer overflow issue in >> sg2042_pll_recalc_rate(). numerator is defined as u64 while >> parent_rate is defined as unsigned long and ctrl_table.fbdiv >> is defined as unsigned int. On 32-bit machine, the result of >> the calculation will be limited to "u32" without correct casting. >> Integer overflow may occur on high-performance systems. > Fine. > >> For the same reason, adding a cast to denominator could be better. >> So, we recommend adding an extra cast to prevent potential >> integer overflow. > I wish you had removed this or said that "We recommended that we cast > the denominator as well but Dan Carpenter said that it was a max of > 3087 and was not even vaguely close to the 4 billion mark needed to > overflow a u32 ;)". Sorry, I forgot that. I will fix it and send another patch. Thank you very much! Best, Zichen > >> Fixes: 48cf7e01386e ("clk: sophgo: Add SG2042 clock driver") >> Signed-off-by: Zichen Xie <zichenxie0106@gmail.com> >> --- >> v2: modified patch to numerator casting only. > Otherwise, looks good. > > regards, > dan carpenter > >
diff --git a/drivers/clk/sophgo/clk-sg2042-pll.c b/drivers/clk/sophgo/clk-sg2042-pll.c index ff9deeef509b..1537f4f05860 100644 --- a/drivers/clk/sophgo/clk-sg2042-pll.c +++ b/drivers/clk/sophgo/clk-sg2042-pll.c @@ -153,7 +153,7 @@ static unsigned long sg2042_pll_recalc_rate(unsigned int reg_value, sg2042_pll_ctrl_decode(reg_value, &ctrl_table); - numerator = parent_rate * ctrl_table.fbdiv; + numerator = (u64)parent_rate * ctrl_table.fbdiv; denominator = ctrl_table.refdiv * ctrl_table.postdiv1 * ctrl_table.postdiv2; do_div(numerator, denominator); return numerator;