[PATCH 4.14 31/50] ALSA: fireface: Fix integer overflow in transmit_midi_msg()

[PATCH 4.14 00/50] 4.14.217-rc1 review · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 03/50] MIPS: Fix malformed NT_FILE and NT_SIGINFO in 32bit coredumps · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 24/50] NFS: nfs_igrab_and_active must first reference the superblock · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 09/50] ext4: fix bug for rename with RENAME_WHITEOUT · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 07/50] dm snapshot: flush merged data before committing metadata · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 43/50] net: avoid 32 x truesize under-estimation for tiny skbs · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Naresh Kamboju <hidden> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Naresh Kamboju <hidden> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Will Deacon <will@kernel.org> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Nathan Chancellor <hidden> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Nick Desaulniers <hidden> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Naresh Kamboju <hidden> · 2021-01-22
Re: [PATCH 4.14 00/50] 4.14.217-rc1 review · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 31/50] ALSA: fireface: Fix integer overflow in transmit_midi_msg() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 40/50] net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 39/50] net: dcb: Validate netlink message in DCB handler · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 37/50] rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 45/50] tipc: fix NULL deref in tipc_link_xmit() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 36/50] netxen_nic: fix MSI/MSI-x interrupts · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 38/50] esp: avoid unneeded kmap_atomic call · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 34/50] compiler.h: Raise minimum version of GCC to 5.1 for arm64 · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 47/50] net: introduce skb_list_walk_safe for skb segment walking · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 50/50] spi: cadence: cache reference clock rate during probe · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 33/50] usb: ohci: Make distrust_firmware param default to false · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 48/50] net: skbuff: disambiguate argument and member for skb_list_walk_safe helper · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 49/50] net: ipv6: Validate GSO SKB before finish IPv6 processing · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 46/50] net: use skb_list_del_init() to remove from RX sublists · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 42/50] net: sit: unregister_netdevice on newlinks error path · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 44/50] rxrpc: Fix handling of an unsupported token type in rxrpc_read() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 23/50] pNFS: Mark layout for return if return-on-close was not sent · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 27/50] mm, slub: consider rest of partial list if acquire_slab() fails · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
Re: [PATCH 4.14 27/50] mm, slub: consider rest of partial list if acquire_slab() fails · Linus Torvalds <torvalds@linux-foundation.org> · 2021-03-10
Re: [PATCH 4.14 27/50] mm, slub: consider rest of partial list if acquire_slab() fails · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-03-10
[PATCH 4.14 04/50] MIPS: relocatable: fix possible boot hangup with KASLR enabled · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 30/50] ALSA: firewire-tascam: Fix integer overflow in midi_port_work() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 05/50] ACPI: scan: Harden acpi_device_add() against device ID overflows · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 06/50] mm/hugetlb: fix potential missing huge page size info · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 08/50] r8152: Add Lenovo Powered USB-C Travel Hub · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 41/50] net: stmmac: Fixed mtu channged by cache aligned · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 19/50] ARM: picoxcell: fix missing interrupt-parent properties · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 29/50] dm: eliminate potential source of excessive kernel log noise · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 28/50] net: sunrpc: interpret the return value of kstrtou32 correctly · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 25/50] ext4: fix superblock checksum failure when setting password salt · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 32/50] netfilter: conntrack: fix reading nf_conntrack_buckets · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 35/50] nfsd4: readdirplus shouldnt return parent of export · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 26/50] RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 15/50] arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 18/50] ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 20/50] dump_common_audit_data(): fix racy accesses to ->d_name · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 21/50] ASoC: Intel: fix error code cnl_set_dsp_D0() · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 02/50] MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 16/50] misdn: dsp: select CONFIG_BITREVERSE · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 13/50] btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 11/50] ARC: build: add uImage.lzma to the top-level target · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 01/50] ASoC: dapm: remove widget from dirty list on free · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 10/50] ARC: build: remove non-existing bootpImage from KBUILD_IMAGE · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 12/50] ARC: build: add boot_targets to PHONY · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 14/50] ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 17/50] net: ethernet: fs_enet: Add missing MODULE_LICENSE · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22
[PATCH 4.14 22/50] NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock · Greg Kroah-Hartman <gregkh@linuxfoundation.org> · 2021-01-22

STALE1937d REVIEWED: 2 (2M)

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: 2021-01-22 18:56:23
Also in: lkml

From: Geert Uytterhoeven <geert+renesas@glider.be>

commit e7c22eeaff8565d9a8374f320238c251ca31480b upstream.

As snd_ff.rx_bytes[] is unsigned int, and NSEC_PER_SEC is 1000000000L,
the second multiplication in

    ff->rx_bytes[port] * 8 * NSEC_PER_SEC / 31250

always overflows on 32-bit platforms, truncating the result.  Fix this
by precalculating "NSEC_PER_SEC / 31250", which is an integer constant.

Note that this assumes ff->rx_bytes[port] <= 16777.

Fixes: 19174295788de77d ("ALSA: fireface: add transaction support")
Reviewed-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Link: https://lore.kernel.org/r/20210111130251.361335-2-geert+renesas@glider.be (local)
Signed-off-by: Takashi Iwai <redacted>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 sound/firewire/fireface/ff-transaction.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/sound/firewire/fireface/ff-transaction.c
+++ b/sound/firewire/fireface/ff-transaction.c

@@ -99,7 +99,7 @@ static void transmit_midi_msg(struct snd
 
 	/* Set interval to next transaction. */
 	ff->next_ktime[port] = ktime_add_ns(ktime_get(),
-					    len * 8 * NSEC_PER_SEC / 31250);
+					    len * 8 * (NSEC_PER_SEC / 31250));
 	ff->rx_bytes[port] = len;
 
 	/*

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help