From cc68c613d6eeac921e6ef5987db5c764858fab1c Mon Sep 17 00:00:00 2001 From: Len Baker Date: Sun, 19 Sep 2021 11:44:32 +0200 Subject: [PATCH] afs: Prefer struct_size over open coded arithmetic As noted in the "Deprecated Interfaces, Language Features, Attributes, and Conventions" documentation [1], size calculations (especially multiplication) should not be performed in memory allocator (or similar) function arguments due to the risk of them overflowing. This could lead to values wrapping around and a smaller allocation being made than the caller was expecting. Using those allocations could lead to linear overflows of heap memory and other misbehaviors. So, use the struct_size() helper to do the arithmetic instead of the argument "size + size * count" in the kzalloc() function. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments Signed-off-by: Len Baker Acked-by: David Howells Reviewed-by: Gustavo A. R. Silva Signed-off-by: Gustavo A. R. Silva --- fs/afs/security.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/fs/afs/security.c b/fs/afs/security.c index 3c7a8fc4f93f..7c6a63a30394 100644 --- a/fs/afs/security.c +++ b/fs/afs/security.c @@ -219,8 +219,7 @@ void afs_cache_permit(struct afs_vnode *vnode, struct key *key, * yet. */ size++; - new = kzalloc(sizeof(struct afs_permits) + - sizeof(struct afs_permit) * size, GFP_NOFS); + new = kzalloc(struct_size(new, permits, size), GFP_NOFS); if (!new) goto out_put;