On Wed, Nov 13, 2024 at 09:40:50PM +0100, Philippe Mathieu-Daudé wrote:
> Hi,
>
> On 13/11/24 20:16, Peter Xu wrote:
> > From: Dmitry Frolov
> >
> > stat64_add() takes uint64_t as 2nd argument, but both
> > "p->next_packet_size" and "p->packet_len" are uint32_t.
> > Thus, theyr sum may overflow
Hi,
On 13/11/24 20:16, Peter Xu wrote:
From: Dmitry Frolov
stat64_add() takes uint64_t as 2nd argument, but both
"p->next_packet_size" and "p->packet_len" are uint32_t.
Thus, theyr sum may overflow uint32_t.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Dmi
From: Dmitry Frolov
stat64_add() takes uint64_t as 2nd argument, but both
"p->next_packet_size" and "p->packet_len" are uint32_t.
Thus, theyr sum may overflow uint32_t.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Dmitry Frolov
Link: https://lore.kernel.org/
