[PATCH v2] mtd: phram: Prevent divide by zero bug in phram_setup()
Miquel Raynal
miquel.raynal at bootlin.com
Sun Jan 23 07:33:26 PST 2022
miquel.raynal at bootlin.com wrote on Sun, 23 Jan 2022 16:22:56 +0100:
> On Fri, 2022-01-21 at 11:55:05 UTC, Dan Carpenter wrote:
> > The problem is that "erasesize" is a uint64_t type so it might be
> > non-zero but the lower 32 bits are zero so when it's truncated,
> > "(uint32_t)erasesize", then that value is zero. This leads to a
> > divide by zero bug.
> >
> > Avoid the bug by delaying the divide until after we have validated
> > that "erasesize" is non-zero and within the uint32_t range.
> >
> > Fixes: dc2b3e5cbc80 ("mtd: phram: use div_u64_rem to stop overwrite len in phram_setup")
> > Signed-off-by: Dan Carpenter <dan.carpenter at oracle.com>
>
> Applied to https://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux.git mtd/next, thanks.
Pushed on mtd/fixes, actually.
More information about the linux-mtd
mailing list