spi: loopback-test: fix potential integer overflow on multiple A multiplication of 8U * xfer-len with the type of a 32 bit unsigned int is evaluated using 32 bit arithmetic and then used in a context that expects an expression of type unsigned long long (64 bits). Avoid any potential overflow by casting BITS_PER_BYTE to unsigned long long. Detected by CoverityScan, CID#1419691 ("Unintentional integer overflow") Fixes: ea9936f324356 ("spi: loopback-test: add elapsed time check") Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Mark Brown <broonie@kernel.org>

commit: d2c14c64d678713fced6f2261ce7d398b4351de5 [log] [tgz]
author: Colin Ian King <colin.king@canonical.com> Mon Mar 20 13:58:05 2017 +0000
committer: Mark Brown <broonie@kernel.org> Mon Mar 20 16:11:39 2017 +0000
tree: dac36ad6910b92db430c54ed480c0ecf541d3652
parent: 8687113e1515f4c9104a6eaedc384ec762c6550f [diff] [blame]
diff --git a/drivers/spi/spi-loopback-test.c b/drivers/spi/spi-loopback-test.c
index fcae337..6888d5c 100644
--- a/drivers/spi/spi-loopback-test.c
+++ b/drivers/spi/spi-loopback-test.c

@@ -508,7 +508,8 @@ static int spi_test_check_elapsed_time(struct spi_device *spi,
 
 	for (i = 0; i < test->transfer_count; i++) {
 		struct spi_transfer *xfer = test->transfers + i;
-		unsigned long long nbits = BITS_PER_BYTE * xfer->len;
+		unsigned long long nbits = (unsigned long long)BITS_PER_BYTE *
+					   xfer->len;
 
 		delay_usecs += xfer->delay_usecs;
 		if (!xfer->speed_hz)
commit	d2c14c64d678713fced6f2261ce7d398b4351de5	[log] [tgz]
author	Colin Ian King <colin.king@canonical.com>	Mon Mar 20 13:58:05 2017 +0000
committer	Mark Brown <broonie@kernel.org>	Mon Mar 20 16:11:39 2017 +0000
tree	dac36ad6910b92db430c54ed480c0ecf541d3652
parent	8687113e1515f4c9104a6eaedc384ec762c6550f [diff] [blame]