msm: mdss: Handling possible integer overflow · 1e400c0dbd - evie/android_kernel_oneplus_msm8998 - Gay Catgirls Forgejo: gay catgirls having sex

evie/android_kernel_oneplus_msm8998

msm: mdss: Handling possible integer overflow

fudge_factor calculation can suffer from integer overflow as numer and
denom are user controlled. Hence this change will first check for the
overflow and return immediately.

CRs-Fixed: 1110860
Change-Id: I3fab3edd4515d7a4c67f29d68b2039f234b03612
Signed-off-by: Harsh Sahu <hsahu@codeaurora.org>

This commit is contained in:

Harsh Sahu

2017-02-17 18:37:17 -08:00

• committed by

Gerrit - the friendly Code Review server

parent 2a7bbea49b

commit 1e400c0dbd

1 changed files with 12 additions and 2 deletions

									
										14

drivers/video/fbdev/msm/mdss_mdp_ctl.c
									
										View file
										
					@ -73,8 +73,18 @@ static void __mdss_mdp_mixer_write_cfg(struct mdss_mdp_mixer *mixer,

					static inline u64 fudge_factor(u64 val, u32 numer, u32 denom)

					static inline u64 fudge_factor(u64 val, u32 numer, u32 denom)

					{

					{

						u64 result = (val * (u64)numer);

						u64 result = val;

						do_div(result, denom);

						if (val) {

							u64 temp = -1UL;

							do_div(temp, val);

							if (temp > numer) {

								/* no overflow, so we can do the operation*/

								result = (val * (u64)numer);

								do_div(result, denom);

							}

						}

						return result;

						return result;

					}

					}