[PATCH 5.4 72/76] ALSA: fireface: Fix integer overflow in transmit_midi_msg()

[PATCH 5.4 00/76] 5.4.91-rc1 review · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 10/76] MIPS: relocatable: fix possible boot hangup with KASLR enabled · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 14/76] dm raid: fix discard limits for raid1 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 18/76] btrfs: tree-checker: check if chunk item end overflows · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 19/76] drm/i915/backlight: fix CPU mode backlight takeover on LPT · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 32/76] ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 39/76] misdn: dsp: select CONFIG_BITREVERSE · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 37/76] bfq: Fix computation of shallow depth · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 40/76] net: ethernet: fs_enet: Add missing MODULE_LICENSE · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 51/76] ASoC: meson: axg-tdm-interface: fix loopback · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 48/76] ARM: picoxcell: fix missing interrupt-parent properties · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 25/76] ARC: build: remove non-existing bootpImage from KBUILD_IMAGE · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 52/76] ASoC: meson: axg-tdmin: fix axg skew offset · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 53/76] ASoC: Intel: fix error code cnl_set_dsp_D0() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 27/76] ARC: build: add boot_targets to PHONY · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 49/76] perf intel-pt: Fix CPU too large error · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 50/76] dump_common_audit_data(): fix racy accesses to ->d_name · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 68/76] mm, slub: consider rest of partial list if acquire_slab() fails · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 30/76] btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 29/76] netfilter: ipset: fixes possible oops in mtype_resize · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 31/76] regulator: bd718x7: Add enable times · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 28/76] ARC: build: move symlink creation to arch/arc/Makefile to avoid race · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 75/76] netfilter: nf_nat: Fix memleak in nf_nat_init · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 64/76] bnxt_en: Improve stats context resource accounting with RDMA driver loaded. · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 70/76] net: sunrpc: interpret the return value of kstrtou32 correctly · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 55/76] NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
Re: [PATCH 5.4 00/76] 5.4.91-rc1 review · Naresh Kamboju <hidden> · 2021-01-18
Re: [PATCH 5.4 00/76] 5.4.91-rc1 review · Guenter Roeck <linux@roeck-us.net> · 2021-01-18
[PATCH 5.4 63/76] RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 65/76] RDMA/mlx5: Fix wrong free of blue flame register on error · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 56/76] pNFS: We want return-on-close to complete when evicting the inode · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 61/76] ext4: fix superblock checksum failure when setting password salt · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 74/76] netfilter: conntrack: fix reading nf_conntrack_buckets · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 73/76] ALSA: firewire-tascam: Fix integer overflow in midi_port_work() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 72/76] ALSA: fireface: Fix integer overflow in transmit_midi_msg() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 71/76] dm: eliminate potential source of excessive kernel log noise · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 62/76] RDMA/restrack: Dont treat as an error allocation ID wrapping · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 69/76] iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 60/76] NFS: nfs_igrab_and_active must first reference the superblock · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 67/76] drm/i915/dsi: Use unconditional msleep for the panel_on_delay when there is no reset-deassert MIPI-sequence · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 59/76] NFS/pNFS: Fix a leak of the layout plh_outstanding counter · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 76/76] netfilter: nft_compat: remove flush counter optimization · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 58/76] pNFS: Stricter ordering of layoutget and layoutreturn · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 57/76] pNFS: Mark layout for return if return-on-close was not sent · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 22/76] smb3: remove unused flag passed into close functions · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 54/76] nvme-tcp: fix possible data corruption with bio merges · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 66/76] IB/mlx5: Fix error unwinding when set_has_smi_cap fails · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 26/76] ARC: build: add uImage.lzma to the top-level target · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 47/76] drm/msm: Call msm_init_vram before binding the gpu · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 38/76] arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 46/76] ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 36/76] lib/raid6: Let $(UNROLL) rules work with macOS userland · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 45/76] usb: typec: Fix copy paste error for NVIDIA alt-mode description · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 44/76] drm/amdgpu: fix a GPU hang issue when remove device · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 43/76] nvmet-rdma: Fix list_del corruption on queue establishment failure · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 42/76] nvme-pci: mark Samsung PM1725a as IGNORE_DEV_SUBNQN · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 24/76] dm integrity: fix flush with external metadata device · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 41/76] selftests: fix the return value for UDP GRO test · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 35/76] hwmon: (pwm-fan) Ensure that calculation doesnt discard big period values · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 23/76] cifs: fix interrupted close commands · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 34/76] habanalabs: Fix memleak in hl_device_reset · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 33/76] habanalabs: register to pci shutdown callback · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 06/76] mips: fix Section mismatch in reference · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 07/76] mips: lib: uncached: fix non-standard usage of variable sp · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 08/76] MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 05/76] tracing/kprobes: Do the notrace functions check without kprobes on ftrace · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 03/76] ASoC: dapm: remove widget from dirty list on free · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 17/76] r8152: Add Lenovo Powered USB-C Travel Hub · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 04/76] x86/hyperv: check cpu mask after interrupt has been disabled · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 21/76] ext4: dont leak old mountpoint samples · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 09/76] MIPS: Fix malformed NT_FILE and NT_SIGINFO in 32bit coredumps · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 15/76] dm snapshot: flush merged data before committing metadata · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 11/76] RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 12/76] ACPI: scan: Harden acpi_device_add() against device ID overflows · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 01/76] kbuild: enforce -Werror=return-type · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 13/76] mm/hugetlb: fix potential missing huge page size info · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 16/76] dm integrity: fix the maximum number of arguments · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 02/76] btrfs: prevent NULL pointer dereference in extent_io_tree_panic · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18
[PATCH 5.4 20/76] ext4: fix bug for rename with RENAME_WHITEOUT · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-18

STALE1980d REVIEWED: 2 (2M)

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: 2021-01-18 18:54:01
Also in: lkml

From: Geert Uytterhoeven <geert+renesas@glider.be>

commit e7c22eeaff8565d9a8374f320238c251ca31480b upstream.

As snd_ff.rx_bytes[] is unsigned int, and NSEC_PER_SEC is 1000000000L,
the second multiplication in

    ff->rx_bytes[port] * 8 * NSEC_PER_SEC / 31250

always overflows on 32-bit platforms, truncating the result.  Fix this
by precalculating "NSEC_PER_SEC / 31250", which is an integer constant.

Note that this assumes ff->rx_bytes[port] <= 16777.

Fixes: 19174295788de77d ("ALSA: fireface: add transaction support")
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Link: https://lore.kernel.org/r/20210111130251.361335-2-geert+renesas@glider.be (local)
Signed-off-by: Takashi Iwai <redacted>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 sound/firewire/fireface/ff-transaction.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/sound/firewire/fireface/ff-transaction.c
+++ b/sound/firewire/fireface/ff-transaction.c

@@ -88,7 +88,7 @@ static void transmit_midi_msg(struct snd
 
 	/* Set interval to next transaction. */
 	ff->next_ktime[port] = ktime_add_ns(ktime_get(),
-				ff->rx_bytes[port] * 8 * NSEC_PER_SEC / 31250);
+			ff->rx_bytes[port] * 8 * (NSEC_PER_SEC / 31250));
 
 	if (quad_count == 1)
 		tcode = TCODE_WRITE_QUADLET_REQUEST;

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help