diff options
| author | Len Baker <len.baker@gmx.com> | 2021-09-19 13:09:13 +0200 |
|---|---|---|
| committer | Gustavo A. R. Silva <gustavoars@kernel.org> | 2021-10-13 14:54:13 -0500 |
| commit | 2a12e0003580505b8e7d82f9a8fef95f4a1031a8 (patch) | |
| tree | 12de26f4ed82cf4306af29a4948ebc91aabcf62b /fs/xfs/xfs_ioctl.c | |
| parent | e4e737bb5c170df6135a127739a9e6148ee3da82 (diff) | |
| download | linux-2a12e0003580505b8e7d82f9a8fef95f4a1031a8.tar.bz2 | |
assoc_array: Avoid open coded arithmetic in allocator arguments
As noted in the "Deprecated Interfaces, Language Features, Attributes,
and Conventions" documentation [1], size calculations (especially
multiplication) should not be performed in memory allocator (or similar)
function arguments due to the risk of them overflowing. This could lead
to values wrapping around and a smaller allocation being made than the
caller was expecting. Using those allocations could lead to linear
overflows of heap memory and other misbehaviors.
So, use the struct_size() helper to do the arithmetic instead of the
argument "size + count * size" in the kmalloc() and kzalloc() functions.
Also, take the opportunity to refactor the memcpy() calls to use the
struct_size() and flex_array_size() helpers.
[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments
Signed-off-by: Len Baker <len.baker@gmx.com>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Diffstat (limited to 'fs/xfs/xfs_ioctl.c')
0 files changed, 0 insertions, 0 deletions