[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] fix potential int overflow in efi/boot

Hi Stefano,

CC Jan as he is the maintainer of this code.

Cheers,

On 09/12/16 01:30, Stefano Stabellini wrote:

HorizontalResolution and VerticalResolution are 32bit, while size is
64bit. As it stands the multiplication is evaluated with 32bit
arithmetic, which could overflow. Cast HorizontalResolution to 64bit to
avoid that.

Coverity-ID: 1381858

Signed-off-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>

diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c
index 56544dc..ff37bd9 100644
--- a/xen/common/efi/boot.c
+++ b/xen/common/efi/boot.c
@@ -687,7 +687,7 @@ static UINTN __init 
efi_find_gop_mode(EFI_GRAPHICS_OUTPUT_PROTOCOL *gop,
              mode_info->HorizontalResolution *
              mode_info->VerticalResolution > size )
         {
-            size = mode_info->HorizontalResolution *
+            size = (UINTN) mode_info->HorizontalResolution *
                    mode_info->VerticalResolution;
             gop_mode = i;
         }



--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.