cmd: mtd: avoid unintentional integer overflow

mtd dump beyond 4 GiB will show incorrect results.

Multiplying two u32 will yield a u32. Add a missing cast.

Fixes: 5db66b3aee6f ("cmd: mtd: add 'mtd' command")
Addresses-Coverity-ID: 477205 ("Unintentional integer overflow")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
Link: https://lore.kernel.org/all/20240111073155.19545-1-heinrich.schuchardt@canonical.com
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>

diff --git a/cmd/mtd.c b/cmd/mtd.c
index e63c011e791077bfdbb61c65a5823035c7dbac11..9083a6840ac138962d9b8a5c6f0b1a31f26e84ff 100644 (file)
--- a/cmd/mtd.c
+++ b/cmd/mtd.c
@@ -77,7 +77,7 @@ static void mtd_dump_device_buf(struct mtd_info *mtd, u64 start_off,
 
        if (has_pages) {
                for (page = 0; page < npages; page++) {
-                       u64 data_off = page * mtd->writesize;
+                       u64 data_off = (u64)page * mtd->writesize;
 
                        printf("\nDump %d data bytes from 0x%08llx:\n",
                               mtd->writesize, start_off + data_off);
@@ -85,7 +85,7 @@ static void mtd_dump_device_buf(struct mtd_info *mtd, u64 start_off,
                                     mtd->writesize, start_off + data_off);
 
                        if (woob) {
-                               u64 oob_off = page * mtd->oobsize;
+                               u64 oob_off = (u64)page * mtd->oobsize;
 
                                printf("Dump %d OOB bytes from page at 0x%08llx:\n",
                                       mtd->oobsize, start_off + data_off);