From: Andrey Ryabinin Date: Tue, 24 Mar 2015 15:31:23 +0000 (+0300) Subject: cris: fix integer overflow in ELF_ET_DYN_BASE X-Git-Tag: firefly_0821_release~176^2~1858^2 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=d939b52abe0cee9cc3167f554da6b864db86d3f2;p=firefly-linux-kernel-4.4.55.git cris: fix integer overflow in ELF_ET_DYN_BASE Almost all arches define ELF_ET_DYN_BASE as 2/3 of TASK_SIZE. Though it seems that some architectures do this in a wrong way. The problem is that 2*TASK_SIZE may overflow 32-bits so the real ELF_ET_DYN_BASE becomes wrong. Fix this overflow by dividing TASK_SIZE prior to multiplying: (TASK_SIZE / 3 * 2) Signed-off-by: Andrey Ryabinin Signed-off-by: Jesper Nilsson --- diff --git a/arch/cris/include/asm/elf.h b/arch/cris/include/asm/elf.h index 30ded8fbf592..c2a394ff55ff 100644 --- a/arch/cris/include/asm/elf.h +++ b/arch/cris/include/asm/elf.h @@ -71,7 +71,7 @@ typedef unsigned long elf_fpregset_t; the loader. We need to make sure that it is out of the way of the program that it will "exec", and that there is sufficient room for the brk. */ -#define ELF_ET_DYN_BASE (2 * TASK_SIZE / 3) +#define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2) /* This yields a mask that user programs can use to figure out what instruction set this CPU supports. This could be done in user space,
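Review bot: The replacement define `(TASK_SIZE / 3 * 2)` is correct only because `/` and `*` share precedence and associate left to right, and nothing at the define says that the order is deliberate. A later cleanup could reorder it back to the overflowing `(2 * TASK_SIZE / 3)` without noticing. Consider writing it as `((TASK_SIZE / 3) * 2)` and adding a sentence to the existing comment above the define, saying that the division comes first so the intermediate value cannot exceed the width of TASK_SIZE. Dividing first also truncates before the multiply, so the result can be slightly lower than an exact 2/3 of TASK_SIZE. That is harmless for a load base, but the commit message could mention it. The hunk does not show the type or value of TASK_SIZE on cris, so it would also help to confirm in the message that the old expression actually wrapped on this architecture, rather than only on "some architectures".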