isl28022_read_power() computes:
*val = ((51200000L * ((long)data->gain)) /
(long)data->shunt) * (long)regval;
On 32-bit platforms, 'long' is 32 bits. With gain=8 and shunt=10000
(the default configuration):
(
51200000 * 8) / 10000 = 40960
40960 * 65535 = 2,684,313,600
This exceeds LONG_MAX (2,147,483,647), resulting in signed integer
overflow.
Additionally, dividing before multiplying by regval loses precision
unnecessarily.
Use u64 arithmetic with div_u64() and multiply before dividing to
retain precision. The intermediate product cannot overflow u64
(worst case:
51200000 * 8 * 65535 =
26843136000000). Power is
inherently non-negative, so unsigned types are the natural fit.
Cap the result to LONG_MAX before returning it through the hwmon
callback.
Fixes: 39671a14df4f2 ("hwmon: (isl28022) new driver for ISL28022 power monitor")
Cc: stable@vger.kernel.org
Signed-off-by: Sanman Pradhan <psanman@juniper.net>
Link: https://lore.kernel.org/r/20260410002613.424557-1-sanman.pradhan@hpe.com
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
#include <linux/err.h>
#include <linux/hwmon.h>
#include <linux/i2c.h>
+#include <linux/math64.h>
#include <linux/module.h>
#include <linux/regmap.h>
ISL28022_REG_POWER, ®val);
if (err < 0)
return err;
- *val = ((51200000L * ((long)data->gain)) /
- (long)data->shunt) * (long)regval;
+ *val = min(div_u64(51200000ULL * data->gain * regval,
+ data->shunt), LONG_MAX);
break;
default:
return -EOPNOTSUPP;
projects / thirdparty / kernel / linux.git / commitdiff
