On Fri, Aug 23, 2013 at 01:18:25PM +0300, Dan Carpenter wrote: > Tegra is a 32 bit arch. On 32 bit systems then size_t is 32 bits so > "total" will never be higher than UINT_MAX because of integer overflows. > We need cast to u64 first before doing the math. > > Also the addition earlier: > > unsigned int num_unpins = num_cmdbufs + num_relocs; > > That can overflow as well, but I think it's still safe because we check > both "num_cmdbufs" and "num_relocs" again in this test. > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > --- > This is something I spotted in code review. I can't actually compile > this code. I assume this overflow test has security implications. It did compile and looks good to me, so I've applied it. Thanks, Thierry
Attachment:
pgp9ZCn_NCsmp.pgp
Description: PGP signature
_______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/dri-devel
