lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 3 Mar 2022 14:05:09 +0100
From:   Johan Hovold <johan@...nel.org>
To:     "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] USB: serial: ti_usb_3410_5052: Use struct_size()
 helper in ti_write_byte()

On Thu, Jan 20, 2022 at 03:31:31PM -0600, Gustavo A. R. Silva wrote:
> Make use of the struct_size() helper instead of an open-coded version,
> in order to avoid any potential type mistakes or integer overflows that,
> in the worst scenario, could lead to heap overflows.

This boiler-plate motivation doesn't apply here since the "variable"
size is in fact constant.

> Also, address the following sparse warnings:
> drivers/usb/serial/ti_usb_3410_5052.c:1521:16: warning: using sizeof on a flexible structure

And this bit is again bogus, since this off-by-default warning would
still be there with this patch applied.

> Link: https://github.com/KSPP/linux/issues/174
> Signed-off-by: Gustavo A. R. Silva <gustavoars@...nel.org>
> ---
>  drivers/usb/serial/ti_usb_3410_5052.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/usb/serial/ti_usb_3410_5052.c b/drivers/usb/serial/ti_usb_3410_5052.c
> index 18c0bd853392..03f98e61626f 100644
> --- a/drivers/usb/serial/ti_usb_3410_5052.c
> +++ b/drivers/usb/serial/ti_usb_3410_5052.c
> @@ -1512,13 +1512,13 @@ static int ti_write_byte(struct usb_serial_port *port,
>  			 u8 mask, u8 byte)
>  {
>  	int status;
> -	unsigned int size;
> +	size_t size;
>  	struct ti_write_data_bytes *data;
>  
>  	dev_dbg(&port->dev, "%s - addr 0x%08lX, mask 0x%02X, byte 0x%02X\n", __func__,
>  		addr, mask, byte);
>  
> -	size = sizeof(struct ti_write_data_bytes) + 2;
> +	size = struct_size(data, bData, 2);

I guess the change itself is fine otherwise and could be motivated as
documenting the constant.

At least as long as the compiler is smart enough to not generate any
additional code for this, there wouldn't be any downsides.

>  	data = kmalloc(size, GFP_KERNEL);
>  	if (!data)
>  		return -ENOMEM;

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ