[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2] fix potential int overflow in efi/boot



Forgot to CC Jan again.

On Fri, 9 Dec 2016, Stefano Stabellini wrote:
> HorizontalResolution and VerticalResolution are 32bit, while size is
> 64bit. As it stands multiplications are evaluated with 32bit arithmetic,
> which could overflow. Cast HorizontalResolution to 64bit to avoid that.
> 
> Coverity-ID: 1381858
> 
> Signed-off-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
> 
> ---
> Changes in v2:
> - remove stray space
> - fix other multiplication
> 
> diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c
> index 56544dc..3e5e4ab 100644
> --- a/xen/common/efi/boot.c
> +++ b/xen/common/efi/boot.c
> @@ -684,10 +684,10 @@ static UINTN __init 
> efi_find_gop_mode(EFI_GRAPHICS_OUTPUT_PROTOCOL *gop,
>              break;
>          }
>          if ( !cols && !rows &&
> -             mode_info->HorizontalResolution *
> +             (UINTN)mode_info->HorizontalResolution *
>               mode_info->VerticalResolution > size )
>          {
> -            size = mode_info->HorizontalResolution *
> +            size = (UINTN)mode_info->HorizontalResolution *
>                     mode_info->VerticalResolution;
>              gop_mode = i;
>          }
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.