From 82932d4cff46627bc1a693893326400aab5f8967 Mon Sep 17 00:00:00 2001 From: Antti Palosaari Date: Sat, 5 Apr 2014 17:23:41 -0300 Subject: [PATCH] [media] msi001: fix possible integer overflow Coverity CID 1196502: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "(f_rf + f_if + f_if1) * lo_div" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "u64" (64 bits, unsigned). To avoid overflow, cast either operand to "u64" before performing the multiplication. Reported-by: Signed-off-by: Antti Palosaari Signed-off-by: Mauro Carvalho Chehab --- drivers/staging/media/msi3101/msi001.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/media/msi3101/msi001.c b/drivers/staging/media/msi3101/msi001.c index ac43bae10102..bd0b93cb6c53 100644 --- a/drivers/staging/media/msi3101/msi001.c +++ b/drivers/staging/media/msi3101/msi001.c @@ -201,7 +201,7 @@ static int msi001_set_tuner(struct msi001 *s) dev_dbg(&s->spi->dev, "%s: bandwidth selected=%d\n", __func__, bandwidth_lut[i].freq); - f_vco = (f_rf + f_if + f_if1) * lo_div; + f_vco = (u64) (f_rf + f_if + f_if1) * lo_div; tmp64 = f_vco; m = do_div(tmp64, F_REF * R_REF); n = (unsigned int) tmp64;