[PATCH] tcp_nv: fix potential integer overflow in tcpnv

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] tcp_nv: fix potential integer overflow in tcpnv_acked
@ 2018-01-31  4:21 Gustavo A. R. Silva
  2018-01-31 15:33 ` David Miller
  0 siblings, 1 reply; 2+ messages in thread
From: Gustavo A. R. Silva @ 2018-01-31  4:21 UTC (permalink / raw)
  To: David S. Miller, Alexey Kuznetsov, Hideaki YOSHIFUJI
  Cc: netdev, linux-kernel, Gustavo A. R. Silva

Add suffix ULL to constant 80000 in order to avoid a potential integer
overflow and give the compiler complete information about the proper
arithmetic to use. Notice that this constant is used in a context that
expects an expression of type u64.

The current cast to u64 effectively applies to the whole expression
as an argument of type u64 to be passed to div64_u64, but it does
not prevent it from being evaluated using 32-bit arithmetic instead
of 64-bit arithmetic.

Also, once the expression is properly evaluated using 64-bit arithmentic,
there is no need for the parentheses and the external cast to u64.

Addresses-Coverity-ID: 1357588 ("Unintentional integer overflow")
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
---
 net/ipv4/tcp_nv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/tcp_nv.c b/net/ipv4/tcp_nv.c
index ddbce73..764298e 100644
--- a/net/ipv4/tcp_nv.c
+++ b/net/ipv4/tcp_nv.c
@@ -364,7 +364,7 @@ static void tcpnv_acked(struct sock *sk, const struct ack_sample *sample)
 		 */
 		cwnd_by_slope = (u32)
 			div64_u64(((u64)ca->nv_rtt_max_rate) * ca->nv_min_rtt,
-				  (u64)(80000 * tp->mss_cache));
+				  80000ULL * tp->mss_cache);
 		max_win = cwnd_by_slope + nv_pad;

 		/* If cwnd > max_win, decrease cwnd
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] tcp_nv: fix potential integer overflow in tcpnv_acked
  2018-01-31  4:21 [PATCH] tcp_nv: fix potential integer overflow in tcpnv_acked Gustavo A. R. Silva
@ 2018-01-31 15:33 ` David Miller
  0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2018-01-31 15:33 UTC (permalink / raw)
  To: gustavo; +Cc: kuznet, yoshfuji, netdev, linux-kernel, garsilva

From: "Gustavo A. R. Silva" <gustavo@embeddedor.com>
Date: Tue, 30 Jan 2018 22:21:48 -0600

> Add suffix ULL to constant 80000 in order to avoid a potential integer
> overflow and give the compiler complete information about the proper
> arithmetic to use. Notice that this constant is used in a context that
> expects an expression of type u64.
> 
> The current cast to u64 effectively applies to the whole expression
> as an argument of type u64 to be passed to div64_u64, but it does
> not prevent it from being evaluated using 32-bit arithmetic instead
> of 64-bit arithmetic.
> 
> Also, once the expression is properly evaluated using 64-bit arithmentic,
> there is no need for the parentheses and the external cast to u64.
> 
> Addresses-Coverity-ID: 1357588 ("Unintentional integer overflow")
> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>

Applied.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2018-01-31 15:33 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-01-31  4:21 [PATCH] tcp_nv: fix potential integer overflow in tcpnv_acked Gustavo A. R. Silva
2018-01-31 15:33 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).