From 71a7d3d78e3ca51ea688ae88c389867d948377cd Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Fri, 20 Oct 2017 11:41:56 -0600 Subject: [PATCH] vfio/type1: silence integer overflow warning I get a static checker warning about the potential integer overflow if we add "unmap->iova + unmap->size". The integer overflow isn't really harmful, but we may as well fix it. Also unmap->size gets truncated to size_t when we pass it to vfio_find_dma() so we could check for too high values of that as well. Signed-off-by: Dan Carpenter Signed-off-by: Alex Williamson --- drivers/vfio/vfio_iommu_type1.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c index 92155cce926d..e30e29ae4819 100644 --- a/drivers/vfio/vfio_iommu_type1.c +++ b/drivers/vfio/vfio_iommu_type1.c @@ -767,6 +767,9 @@ static int vfio_dma_do_unmap(struct vfio_iommu *iommu, return -EINVAL; if (!unmap->size || unmap->size & mask) return -EINVAL; + if (unmap->iova + unmap->size < unmap->iova || + unmap->size > SIZE_MAX) + return -EINVAL; WARN_ON(mask & PAGE_MASK); again: -- 2.30.2