lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <186e37fe07196ee41a0e562fa8a8cb7a01112ec5.1601565471.git.gustavoars@kernel.org> Date: Thu, 1 Oct 2020 10:25:42 -0500 From: "Gustavo A. R. Silva" <gustavoars@...nel.org> To: linux-kernel@...r.kernel.org Cc: linux-hardening@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org> Subject: [PATCH 2/3][next] lib/stackdepot.c: Use flex_array_size() helper in memcpy() Make use of the flex_array_size() helper to calculate the size of a flexible array member within an enclosing structure. This helper offers defense-in-depth against potential integer overflows, while at the same time makes it explicitly clear that we are dealing with a flexible array member. Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org> --- lib/stackdepot.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/stackdepot.c b/lib/stackdepot.c index c6106cfb7950..683b6a8ddade 100644 --- a/lib/stackdepot.c +++ b/lib/stackdepot.c @@ -135,7 +135,7 @@ static struct stack_record *depot_alloc_stack(unsigned long *entries, int size, stack->handle.slabindex = depot_index; stack->handle.offset = depot_offset >> STACK_ALLOC_ALIGN; stack->handle.valid = 1; - memcpy(stack->entries, entries, size * sizeof(unsigned long)); + memcpy(stack->entries, entries, flex_array_size(stack, entries, size)); depot_offset += required_size; return stack; -- 2.27.0
Powered by blists - more mailing lists