Re: [PATCH] wifi: mac80211: fix interger overflow in hwmp_route_info_get()

13 Jan 2025

      On Thu, 2024-12-26 at 07:47 +0000, Gavrilov Ilia wrote:
...
Since the new_metric and last_hop_metric variables can reach
the MAX_METRIC(0xffffffff) value, an integer overflow may occur
when multiplying them by 10/9. It can lead to incorrect behavior.
Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.

			      mult_frac(new_metric, 10, 9) :

			      mult_frac((u64)new_metric, 10, 9) :

As you would expect, this doesn't build on 32-bit.
johannnes

2025

2024

2023

2022

2021

2020

2019

2018

2017

Re: [PATCH] wifi: mac80211: fix interger overflow in hwmp_route_info_get()