qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] hw/timer: fix possible int overflow


From: Peter Maydell
Subject: Re: [PATCH] hw/timer: fix possible int overflow
Date: Fri, 8 Nov 2024 16:47:02 +0000

On Wed, 6 Nov 2024 at 08:38, Dmitry Frolov <frolov@swemel.ru> wrote:
>
> The product "icnto * s->tcntb" may overflow uint32_t.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
> ---
>  hw/timer/exynos4210_mct.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/timer/exynos4210_mct.c b/hw/timer/exynos4210_mct.c
> index e807fe2de9..5c6e139b20 100644
> --- a/hw/timer/exynos4210_mct.c
> +++ b/hw/timer/exynos4210_mct.c
> @@ -815,7 +815,7 @@ static uint32_t exynos4210_ltick_cnt_get_cnto(struct 
> tick_timer *s)
>          /* Both are counting */
>          icnto = remain / s->tcntb;
>          if (icnto) {
> -            tcnto = remain % (icnto * s->tcntb);
> +            tcnto = remain % ((uint64_t)icnto * s->tcntb);
>          } else {
>              tcnto = remain % s->tcntb;
>          }
> --



Applied to target-arm.next, thanks.

-- PMM



reply via email to

[Prev in Thread] Current Thread [Next in Thread]