On 16/02/18 15:24, Alexandre Belloni wrote: > On 15/02/2018 at 21:44:53 +0100, Alexandre Belloni wrote: >> On 15/02/2018 at 19:36:14 +0000, Colin King wrote: >>> From: Colin Ian King <colin.king@xxxxxxxxxxxxx> >>> >>> The shifting of buf[5] by 24 bits to the left will be promoted to >>> a 32 bit signed int and then sign-extended to an unsigned long. If >>> the top bit of buf[5] is set then all then all the upper bits sec >>> end up as also being set because of the sign-extension. Fix this by >>> casting buf[5] to an unsigned long before the shift. >>> >> >> The timing of the discovery of this issue is suspicious. I believe it is >> because I just enabled COMPILE_TEST on that driver and now this gets >> compiled on a 64bit architecture. >> >> Can I ask on which architecture this is an issue? I don't think (and a >> small test program confirms) x86 does the sign extension because both >> sec and buf are unsigned. >> > > Actually, my test program was wrong and you are right. > Kudos to CoverityScan static analysis for finding it. It's not obvious for sure Colin -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
