[PATCH] usb: storage: sddr55: avoid integer overflow

From: Karina Yankevich
Date: Fri Feb 03 2023 - 15:19:52 EST

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH V2 7/9] perf/x86/msr: Add Meteor Lake support"
Previous message: Joel Fernandes (Google): "[PATCH RFC] tools/memory-model: Restrict to-r to read-read address dependency"
Next in thread: Alan Stern: "Re: [PATCH] usb: storage: sddr55: avoid integer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We're possibly losing information by shifting an int.
Fix it by adding the necessary cast.

Found by OMP on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Karina Yankevich <k.yankevich@xxxxxx>
---
drivers/usb/storage/sddr55.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/usb/storage/sddr55.c b/drivers/usb/storage/sddr55.c
index 15dc25801cdc..4aeff73de147 100644
--- a/drivers/usb/storage/sddr55.c
+++ b/drivers/usb/storage/sddr55.c
@@ -236,7 +236,7 @@ static int sddr55_read_data(struct us_data *us,
memset (buffer, 0, len);
} else {

- address = (pba << info->blockshift) + page;
+ address = ((unsigned long)pba << info->blockshift) + page;

command[0] = 0;
command[1] = LSB_of(address>>16);
@@ -411,7 +411,7 @@ static int sddr55_write_data(struct us_data *us,
command[4] = 0x40;
}

- address = (pba << info->blockshift) + page;
+ address = ((unsigned long)pba << info->blockshift) + page;

command[1] = LSB_of(address>>16);
command[2] = LSB_of(address>>8);
--
2.39.1

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH V2 7/9] perf/x86/msr: Add Meteor Lake support"
Previous message: Joel Fernandes (Google): "[PATCH RFC] tools/memory-model: Restrict to-r to read-read address dependency"
Next in thread: Alan Stern: "Re: [PATCH] usb: storage: sddr55: avoid integer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]