[PATCH 6.9 074/222] mtd: partitions: redboot: Added conversion of operands to a larger type

2 Jul 2024

6.9-stable review patch.  If anyone has any objections, please let me know.
------------------
From: Denis Arefev arefev@swemel.ru
[ Upstream commit 1162bc2f8f5de7da23d18aa4b7fbd4e93c369c50 ]
The value of an arithmetic expression directory * master->erasesize is
subject to overflow due to a failure to cast operands to a larger data
type before perfroming arithmetic
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Denis Arefev arefev@swemel.ru
Signed-off-by: Miquel Raynal miquel.raynal@bootlin.com
Link: https://lore.kernel.org/linux-mtd/20240315093758.20790-1-arefev@swemel.ru
Signed-off-by: Sasha Levin sashal@kernel.org
---
 drivers/mtd/parsers/redboot.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/mtd/parsers/redboot.c b/drivers/mtd/parsers/redboot.c
index a16b42a885816..3b55b676ca6b9 100644
--- a/drivers/mtd/parsers/redboot.c
+++ b/drivers/mtd/parsers/redboot.c
@@ -102,7 +102,7 @@ static int parse_redboot_partitions(struct mtd_info *master,
    		offset -= master->erasesize;
    	}
    } else {
-		offset = directory * master->erasesize;
+		offset = (unsigned long) directory * master->erasesize;
    	while (mtd_block_isbad(master, offset)) {
    		offset += master->erasesize;
    		if (offset == master->size)
-- 
2.43.0





    

2024

2023

2022

2021

2020

2019

2018

2017

[PATCH 6.9 074/222] mtd: partitions: redboot: Added conversion of operands to a larger type