lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 31 May 2023 11:31:50 +0300
From:   Dan Carpenter <dan.carpenter@...aro.org>
To:     Su Hui <suhui@...china.com>
Cc:     Ben Skeggs <bskeggs@...hat.com>, Karol Herbst <kherbst@...hat.com>,
        Lyude Paul <lyude@...hat.com>,
        David Airlie <airlied@...il.com>,
        Daniel Vetter <daniel@...ll.ch>, airlied@...hat.com,
        dri-devel@...ts.freedesktop.org, nouveau@...ts.freedesktop.org,
        linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] drm/nouveau/nvif: use struct_size()

On Wed, May 31, 2023 at 12:38:26PM +0800, Su Hui wrote:
> Use struct_size() instead of hand writing it.
> This is less verbose and more informative.
> 
> Signed-off-by: Su Hui <suhui@...china.com>
> ---
>  drivers/gpu/drm/nouveau/nvif/object.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/gpu/drm/nouveau/nvif/object.c b/drivers/gpu/drm/nouveau/nvif/object.c
> index 4d1aaee8fe15..4bd693aa4ee0 100644
> --- a/drivers/gpu/drm/nouveau/nvif/object.c
> +++ b/drivers/gpu/drm/nouveau/nvif/object.c
> @@ -65,7 +65,7 @@ nvif_object_sclass_get(struct nvif_object *object, struct nvif_sclass **psclass)
>  	u32 size;
>  
>  	while (1) {
> -		size = sizeof(*args) + cnt * sizeof(args->sclass.oclass[0]);
> +		size = struct_size(args, sclass.oclass, cnt);

This is from the original code, but now that you are using the
struct_size() macro static checkers will complain about it.  (Maybe they
don't yet?).  size is a u32.  Never save struct_size() returns to
anything except unsigned long or size_t.  (ssize_t is also fine, I
suppose).  Otherwise, you do not benefit from the integer overflow
checking.

>  		if (!(args = kmalloc(size, GFP_KERNEL)))
>  			return -ENOMEM;
>  		args->ioctl.version = 0;

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ