[PATCH] usbredirhost: prevent overflow in usbredirhost_set_iso_threshold

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



pkts_per_transfer < MAX_PACKETS_PER_TRANSFER = 32.
transfer_count < MAX_TRANSFER_COUNT = 16.
max_packetsize = maxp * mult. mult <= 3.
maxp <= 0x7ff. If all variables have their max value,
the result will be bigger that uint16_t.
Add an explicit cast.

Signed-off-by: Anastasia Belova <abelova@xxxxxxxxxxxxx>
---
 usbredirhost/usbredirhost.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usbredirhost/usbredirhost.c b/usbredirhost/usbredirhost.c
index 03c56e9..ca19473 100644
--- a/usbredirhost/usbredirhost.c
+++ b/usbredirhost/usbredirhost.c
@@ -1193,7 +1193,7 @@ static void usbredirhost_stop_stream(struct usbredirhost *host,
 static void usbredirhost_set_iso_threshold(struct usbredirhost *host,
     uint8_t pkts_per_transfer, uint8_t transfer_count, uint16_t max_packetsize)
 {
-    uint64_t reference = pkts_per_transfer * transfer_count * max_packetsize;
+    uint64_t reference = (uint64_t)pkts_per_transfer * transfer_count * max_packetsize;
     host->iso_threshold.lower = reference / 2;
     host->iso_threshold.higher = reference * 3;
     DEBUG("higher threshold is %" PRIu64 " bytes | lower threshold is %" PRIu64 " bytes",
-- 
2.30.2




[Index of Archives]     [Linux Virtualization]     [Linux Virtualization]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]     [Monitors]