msm: mdss: Handling possible integer overflow · 1e400c0dbd - evie/android_kernel_oneplus_msm8998 - Gay Catgirls Forgejo: gay catgirls having sex

evie/android_kernel_oneplus_msm8998

msm: mdss: Handling possible integer overflow

fudge_factor calculation can suffer from integer overflow as numer and
denom are user controlled. Hence this change will first check for the
overflow and return immediately.

CRs-Fixed: 1110860
Change-Id: I3fab3edd4515d7a4c67f29d68b2039f234b03612
Signed-off-by: Harsh Sahu <hsahu@codeaurora.org>

This commit is contained in:

Harsh Sahu

2017-02-17 18:37:17 -08:00

• committed by

Gerrit - the friendly Code Review server

parent 2a7bbea49b

commit 1e400c0dbd

1 changed files with 12 additions and 2 deletions

									
										12

drivers/video/fbdev/msm/mdss_mdp_ctl.c
									
										View file
										
				@ -73,8 +73,18 @@ static void __mdss_mdp_mixer_write_cfg(struct mdss_mdp_mixer *mixer,

				static inline u64 fudge_factor(u64 val, u32 numer, u32 denom)

				{

					u64 result = (val * (u64)numer);

					u64 result = val;

					if (val) {

						u64 temp = -1UL;

						do_div(temp, val);

						if (temp > numer) {

							/* no overflow, so we can do the operation*/

							result = (val * (u64)numer);

							do_div(result, denom);

						}

					}

					return result;

				}