[media] msi001: fix possible integer overflow

Coverity CID 1196502: Unintentional integer overflow
(OVERFLOW_BEFORE_WIDEN)

Potentially overflowing expression "(f_rf + f_if + f_if1) * lo_div"
with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit
arithmetic before being used in a context which expects an expression
of type "u64" (64 bits, unsigned). To avoid overflow, cast either
operand to "u64" before performing the multiplication.

Reported-by: <scan-admin@coverity.com>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>

diff --git a/drivers/staging/media/msi3101/msi001.c b/drivers/staging/media/msi3101/msi001.c
index ac43bae101021c74208347dc38349df888085d08..bd0b93cb6c539b9079b106f2e1c7caa509ed7166 100644 (file)
--- a/drivers/staging/media/msi3101/msi001.c
+++ b/drivers/staging/media/msi3101/msi001.c
@@ -201,7 +201,7 @@ static int msi001_set_tuner(struct msi001 *s)
        dev_dbg(&s->spi->dev, "%s: bandwidth selected=%d\n",
                        __func__, bandwidth_lut[i].freq);
 
-       f_vco = (f_rf + f_if + f_if1) * lo_div;
+       f_vco = (u64) (f_rf + f_if + f_if1) * lo_div;
        tmp64 = f_vco;
        m = do_div(tmp64, F_REF * R_REF);
        n = (unsigned int) tmp64;