Re: [Xen-devel] [PATCH] fix potential int overflow in efi/boot

Julien Grall Fri, 09 Dec 2016 06:28:55 -0800

Hi Stefano,

CC Jan as he is the maintainer of this code.


Cheers,

On 09/12/16 01:30, Stefano Stabellini wrote:

HorizontalResolution and VerticalResolution are 32bit, while size is
64bit. As it stands the multiplication is evaluated with 32bit
arithmetic, which could overflow. Cast HorizontalResolution to 64bit to
avoid that.

Coverity-ID: 1381858

Signed-off-by: Stefano Stabellini <sstabell...@kernel.org>

diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c
index 56544dc..ff37bd9 100644
--- a/xen/common/efi/boot.c
+++ b/xen/common/efi/boot.c
@@ -687,7 +687,7 @@ static UINTN __init 
efi_find_gop_mode(EFI_GRAPHICS_OUTPUT_PROTOCOL *gop,
              mode_info->HorizontalResolution *
              mode_info->VerticalResolution > size )
         {
-            size = mode_info->HorizontalResolution *
+            size = (UINTN) mode_info->HorizontalResolution *
                    mode_info->VerticalResolution;
             gop_mode = i;
         }


--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Re: [Xen-devel] [PATCH] fix potential int overflow in efi/boot

Reply via email to