[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH-for-5.2] hw/arm/smmuv3: Fix potential integer overflow (CID 14323
|
From: |
Philippe Mathieu-Daudé |
|
Subject: |
[PATCH-for-5.2] hw/arm/smmuv3: Fix potential integer overflow (CID 1432363) |
|
Date: |
Fri, 30 Oct 2020 15:46:17 +0100 |
Use the BIT_ULL() macro to ensure we use 64-bit arithmetic.
This fixes the following Coverity issue (OVERFLOW_BEFORE_WIDEN):
CID 1432363 (#1 of 1): Unintentional integer overflow:
overflow_before_widen:
Potentially overflowing expression 1 << scale with type int
(32 bits, signed) is evaluated using 32-bit arithmetic, and
then used in a context that expects an expression of type
hwaddr (64 bits, unsigned).
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
---
hw/arm/smmuv3.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index 2017ba7a5a7..22607c37841 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -17,6 +17,7 @@
*/
#include "qemu/osdep.h"
+#include "qemu/bitops.h"
#include "hw/irq.h"
#include "hw/sysbus.h"
#include "migration/vmstate.h"
@@ -864,7 +865,7 @@ static void smmuv3_s1_range_inval(SMMUState *s, Cmd *cmd)
scale = CMD_SCALE(cmd);
num = CMD_NUM(cmd);
ttl = CMD_TTL(cmd);
- num_pages = (num + 1) * (1 << (scale));
+ num_pages = (num + 1) * BIT_ULL(scale);
}
if (type == SMMU_CMD_TLBI_NH_VA) {
--
2.26.2
- [PATCH-for-5.2] hw/arm/smmuv3: Fix potential integer overflow (CID 1432363),
Philippe Mathieu-Daudé <=