aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2018-10-08 14:55:05 +0100
committerPeter Maydell <peter.maydell@linaro.org>2018-10-08 14:55:05 +0100
commit74e2e59b8d0a68be0956310fc349179c89fd7be0 (patch)
tree2a3929c352b68589d0ee5d3b36573d93d9ae707e
parent167765f0739e4a108e8c2e2ff2f37917df5658f9 (diff)
downloadqemu-arm-target-arm.next.tar.gz
hw/display/bcm2835_fb: Silence Coverity warning about multiply overflowpull-target-arm-20181008target-arm.nexttarget-arm.for-upstream
Coverity complains (CID 1395628) that the multiply in the calculation of the framebuffer base is performed as 32x32 but then used in a context that takes a 64-bit hwaddr. This can't actually ever overflow the 32-bit result, because of the constraints placed on the s->config values in bcm2835_fb_validate_config(). But we can placate Coverity anyway, by explicitly casting one of the inputs to a hwaddr, so the whole expression is calculated with 64-bit arithmetic. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 20181005133012.26490-1-peter.maydell@linaro.org
-rw-r--r--hw/display/bcm2835_fb.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/hw/display/bcm2835_fb.c b/hw/display/bcm2835_fb.c
index d534d00a65..599863e4e1 100644
--- a/hw/display/bcm2835_fb.c
+++ b/hw/display/bcm2835_fb.c
@@ -190,7 +190,7 @@ static void fb_update_display(void *opaque)
}
if (s->invalidate) {
- hwaddr base = s->config.base + xoff + yoff * src_width;
+ hwaddr base = s->config.base + xoff + (hwaddr)yoff * src_width;
framebuffer_update_memory_section(&s->fbsection, s->dma_mr,
base,
s->config.yres, src_width);