Re: [PATCH] x86/ioremap: tighten integer overflow checking
From: Juergen Gross
Date: Thu Oct 25 2018 - 02:28:54 EST
On 25/10/2018 08:16, Dan Carpenter wrote:
> The current check is a bit off in the case where "phys_addr + size"
> wraps to zero because then "last_addr" is set to ULONG_MAX which is >=
> phys_addr.
And -2 would be okay?
For 32-bit systems I believe ULONG_MAX is a perfectly valid physical
address.
>
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
> arch/x86/mm/ioremap.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
> index 5378d10f1d31..ee43df3ebe66 100644
> --- a/arch/x86/mm/ioremap.c
> +++ b/arch/x86/mm/ioremap.c
> @@ -146,9 +146,9 @@ static void __iomem *__ioremap_caller(resource_size_t phys_addr,
> void __iomem *ret_addr;
>
> /* Don't allow wraparound or zero size */
> - last_addr = phys_addr + size - 1;
> - if (!size || last_addr < phys_addr)
> + if (!size || phys_addr + size < phys_addr)
> return NULL;
> + last_addr = phys_addr + size - 1;
>
> if (!phys_addr_valid(phys_addr)) {
Wouldn't it make more sense to test last_addr for being a valid physical
address here?
> printk(KERN_WARNING "ioremap: invalid physical address %llx\n",
>
Juergen