| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <186e37fe07196ee41a0e562fa8a8cb7a01112ec5.1601565471.git.gustavoars@kernel.org>
Date: Thu, 1 Oct 2020 10:25:42 -0500
From: "Gustavo A. R. Silva" <gustavoars@...nel.org>
To: linux-kernel@...r.kernel.org
Cc: linux-hardening@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>
Subject: [PATCH 2/3][next] lib/stackdepot.c: Use flex_array_size() helper in
memcpy()
Make use of the flex_array_size() helper to calculate the size of a
flexible array member within an enclosing structure.
This helper offers defense-in-depth against potential integer
overflows, while at the same time makes it explicitly clear that
we are dealing with a flexible array member.
Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
---
lib/stackdepot.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/stackdepot.c b/lib/stackdepot.c
index c6106cfb7950..683b6a8ddade 100644
--- a/lib/stackdepot.c
+++ b/lib/stackdepot.c
@@ -135,7 +135,7 @@ static struct stack_record *depot_alloc_stack(unsigned long *entries, int size,
stack->handle.slabindex = depot_index;
stack->handle.offset = depot_offset >> STACK_ALLOC_ALIGN;
stack->handle.valid = 1;
- memcpy(stack->entries, entries, size * sizeof(unsigned long));
+ memcpy(stack->entries, entries, flex_array_size(stack, entries, size));
depot_offset += required_size;
return stack;
--
2.27.0
Powered by blists - more mailing lists