[PATCH mtd-utils] nand-utils: fix integer overflow in nftldump.c
Anton Moryakov
ant.v.moryakov at gmail.com
Thu Dec 26 05:46:00 PST 2024
Report of the static analyzer:
The value of an arithmetic expression 'i * meminfo.erasesize' is a subject to overflow because its operands are not cast to a larger data type before performing arithmetic
Corrections explained:
one of the operands was cast to a wider type, such as unsigned long long, to expand the range of possible values and avoid overflow
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov at gmail.com>
---
nand-utils/nftldump.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/nand-utils/nftldump.c b/nand-utils/nftldump.c
index 30332fe..6964d2c 100644
--- a/nand-utils/nftldump.c
+++ b/nand-utils/nftldump.c
@@ -124,7 +124,7 @@ static void dump_erase_units(void)
for (i = MedHead[0].FirstPhysicalEUN; i < MedHead[0].FirstPhysicalEUN +
MedHead[0].NumEraseUnits; i++) {
/* For each Erase Unit */
- ofs = i * meminfo.erasesize;
+ ofs = (unsigned long long)i * meminfo.erasesize;
/* read the Unit Control Information */
for (j = 0; j < 3; j++) {
--
2.30.2
More information about the linux-mtd
mailing list