review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Bart Van Assche <bart.vanassche@wdc.com>
	Wed, 11 Oct 2017 17:48:45 +0000 (10:48 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 20 Dec 2017 09:10:37 +0000 (10:10 +0100)
commit	02ef1dd301c2f1ca0ffe58f75bf2f0f4bd291270
tree	ef5835a2a89b83b805fc7f2475c110eaec6cd2aa	tree \| snapshot
parent	9fc290e529b4948b2b18fa943d8bd5c3a5d5b6e1	commit \| diff

RDMA/cma: Avoid triggering undefined behavior

[ Upstream commit c0b64f58e8d49570aa9ee55d880f92c20ff0166b ]

According to the C standard the behavior of computations with
integer operands is as follows:
* A computation involving unsigned operands can never overflow,
  because a result that cannot be represented by the resulting
  unsigned integer type is reduced modulo the number that is one
  greater than the largest value that can be represented by the
  resulting type.
* The behavior for signed integer underflow and overflow is
  undefined.

Hence only use unsigned integers when checking for integer
overflow.

This patch is what I came up with after having analyzed the
following smatch warnings:

drivers/infiniband/core/cma.c:3448: cma_resolve_ib_udp() warn: signed overflow undefined. 'offset + conn_param->private_data_len < conn_param->private_data_len'
drivers/infiniband/core/cma.c:3505: cma_connect_ib() warn: signed overflow undefined. 'offset + conn_param->private_data_len < conn_param->private_data_len'

Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Acked-by: Sean Hefty <sean.hefty@intel.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>