cf29b8caad
Avoid integer overflow in temp_sq calculation. For an analysis of the value ranges for the temp_sq calculation of mx5837-02 see below: calculation: dT = adc_temperature - ((int32_t)(data->t_ref) << 8); data->temperature = 2000 + (dT * data->tempsens) / (1ll << 23); temp_sq = (data->temperature - 2000) * (data->temperature - 2000); given needed storage sizes: t_ref is uint16_t, adc_temperature is uint24_t, data->tempsens is uint16_t, ranges => dT: -16776960 <= dT <= 16777215 (25 bit) => data->temperature (TEMP): intermed.(mult): -1099478073600 <= x <= 1099494785025 (41 bit) TEMP: 2.000 - 131068 <= TEMP <= 2.000 + 131.069 TEMP: -129068 <= TEMP <= 133069 (17 bit) So worst case we need 17 bit for TEMP, so the square of it would overflow an int32_t. The nominal measurement range is only -40 to 85°C, meaning a range of -4000 to 8500. So normally the result for temp_seq would fit into a int32_t, but we cast to be better safe than sorry. Also the 64-bit multiplication won't be the dominating operation of the whole calculation. Fixes #58585 Coverity-CID: 316294 Fixes #58594 Coverity-CID: 316521 Signed-off-by: Thomas Stranger <thomas.stranger@outlook.com> |
||
|---|---|---|
| .. | ||
| CMakeLists.txt | ||
| Kconfig | ||
| ms5837.c | ||
| ms5837.h | ||