Commit 52e597d3 authored Jun 11, 2021 by Wong Vee Khee Committed by David S. Miller Jun 11, 2021

net: stmmac: Fix potential integer overflow



The commit d96febed ("net: stmmac: arrange Tx tail pointer update
to stmmac_flush_tx_descriptors") introduced the following coverity
warning:-

  1. Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
     overflow_before_widen: Potentially overflowing expression
     'tx_q->cur_tx * desc_size' with type 'unsigned int' (32 bits,
     unsigned) is evaluated using 32-bit arithmetic, and then used in a
     context that expects an expression of type dma_addr_t (64 bits,
     unsigned).

Fixed this by assigning tx_tail_addr to dma_addr_t type, as dma_addr_t
datatype is decided by CONFIG_ARCH_DMA_ADDR_T_64_BIT.

Fixes: d96febed ("net: stmmac: arrange Tx tail pointer update to stmmac_flush_tx_descriptors")
Signed-off-by: Wong Vee Khee <vee.khee.wong@linux.intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 8ee1a0ee

drivers/net/ethernet/stmicro/stmmac/stmmac.h

+1 −1

Original line number	Diff line number	Diff line
		@@ -75,7 +75,7 @@ struct stmmac_tx_queue {
		unsigned int cur_tx;
		unsigned int dirty_tx;
		dma_addr_t dma_tx_phy;
		u32 tx_tail_addr;
		dma_addr_t tx_tail_addr;
		u32 mss;
		};