lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20220609200658.52gkhfmyxlo7m273@mercury.elektranox.org>
Date:   Thu, 9 Jun 2022 22:06:58 +0200
From:   Sebastian Reichel <sebastian.reichel@...labora.com>
To:     Xiaohui Zhang <xiaohuizhang@....edu.cn>
Cc:     linux-pm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/1] power: supply: cros_peripheral: Use struct_size()
 helper in kzalloc()

Hi,

On Tue, Jun 07, 2022 at 11:03:44PM +0800, Xiaohui Zhang wrote:
> Similar to the handling of cros_usbpd_charger_ec_command in commit 441d38c60fbe
> ("power: supply: cros_usbpd: Use struct_size() helper in kzalloc()"),
> we thought a patch might be needed here as well.
> 
> Make use of the struct_size() helper instead of an open-coded version,
> in order to avoid any potential type mistakes or integer overflows that,
> in the worst scenario, could lead to heap overflows.
> 
> Signed-off-by: Xiaohui Zhang <xiaohuizhang@....edu.cn>

Thanks, queued.

-- Sebastian

>  drivers/power/supply/cros_peripheral_charger.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/power/supply/cros_peripheral_charger.c b/drivers/power/supply/cros_peripheral_charger.c
> index 9fe6d826148d..1379afd9698d 100644
> --- a/drivers/power/supply/cros_peripheral_charger.c
> +++ b/drivers/power/supply/cros_peripheral_charger.c
> @@ -63,7 +63,7 @@ static int cros_pchg_ec_command(const struct charger_data *charger,
>  	struct cros_ec_command *msg;
>  	int ret;
>  
> -	msg = kzalloc(sizeof(*msg) + max(outsize, insize), GFP_KERNEL);
> +	msg = kzalloc(struct_size(msg, data, max(outsize, insize)), GFP_KERNEL);
>  	if (!msg)
>  		return -ENOMEM;
>  
> -- 
> 2.17.1
> 

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ