lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 16 Feb 2022 10:26:34 +0900
From:   Chanwoo Choi <cw00.choi@...sung.com>
To:     "Gustavo A. R. Silva" <gustavoars@...nel.org>,
        MyungJoo Ham <myungjoo.ham@...sung.com>,
        Benson Leung <bleung@...omium.org>,
        Guenter Roeck <groeck@...omium.org>
Cc:     linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] extcon: usbc-cros-ec: Use struct_size() helper in
 kzalloc()

On 1/26/22 4:26 AM, Gustavo A. R. Silva wrote:
> Make use of the struct_size() helper instead of an open-coded version,
> in order to avoid any potential type mistakes or integer overflows that,
> in the worst scenario, could lead to heap overflows.
> 
> Also, address the following sparse warnings:
> drivers/extcon/extcon-usbc-cros-ec.c:71:23: warning: using sizeof on a flexible structure
> 
> Link: https://protect2.fireeye.com/v1/url?k=2dc5c327-725efa52-2dc44868-0cc47a31ce4e-cb277ab0badba227&q=1&e=e53efbe1-ab25-4a39-a8b1-9e099fcccde3&u=https%3A%2F%2Fgithub.com%2FKSPP%2Flinux%2Fissues%2F174
> Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
> ---
>  drivers/extcon/extcon-usbc-cros-ec.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/extcon/extcon-usbc-cros-ec.c b/drivers/extcon/extcon-usbc-cros-ec.c
> index 5290cc2d19d9..fde1db62be0d 100644
> --- a/drivers/extcon/extcon-usbc-cros-ec.c
> +++ b/drivers/extcon/extcon-usbc-cros-ec.c
> @@ -68,7 +68,7 @@ static int cros_ec_pd_command(struct cros_ec_extcon_info *info,
>  	struct cros_ec_command *msg;
>  	int ret;
>  
> -	msg = kzalloc(sizeof(*msg) + max(outsize, insize), GFP_KERNEL);
> +	msg = kzalloc(struct_size(msg, data, max(outsize, insize)), GFP_KERNEL);
>  	if (!msg)
>  		return -ENOMEM;
>  
> 

Applied it. Thanks.

-- 
Best Regards,
Chanwoo Choi
Samsung Electronics

Powered by blists - more mailing lists