[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <87zfa94vra.fsf@ocarina.mail-host-address-is-not-set>
Date: Thu, 02 Oct 2025 09:18:17 +0200
From: Javier Martinez Canillas <javierm@...hat.com>
To: Thomas Zimmermann <tzimmermann@...e.de>, Bhanu Seshu Kumar Valluri
<bhanuseshukumar@...il.com>, Maarten Lankhorst
<maarten.lankhorst@...ux.intel.com>, Maxime Ripard <mripard@...nel.org>,
David Airlie <airlied@...il.com>, Simona Vetter <simona@...ll.ch>
Cc: dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
linux-kernel-mentees@...ts.linuxfoundation.org, skhan@...uxfoundation.org,
david.hunter.linux@...il.com, khalid@...nel.org
Subject: Re: [PATCH] drm/ssd130x: Use kmalloc_array to prevent overflow of
dynamic size calculation
Thomas Zimmermann <tzimmermann@...e.de> writes:
Hello Bhanu and Thomas,
> Hi
>
> Am 02.10.25 um 03:33 schrieb Bhanu Seshu Kumar Valluri:
>> Use kmalloc_array to avoid potential overflow during dynamic size calculation
>> inside kmalloc.
>>
>> Signed-off-by: Bhanu Seshu Kumar Valluri <bhanuseshukumar@...il.com>
>> ---
The same patch was posted by another developer a couple of weeks ago
and is now queued already in the drm-misc-next branch:
https://cgit.freedesktop.org/drm/drm-misc/commit/?id=940dd88c5f5bdb1f3e19873a856a677ebada63a9
>> Note:
>> Patch compiled successfully.
>> No functionality change is intended.
>>
>> drivers/gpu/drm/solomon/ssd130x.c | 6 +++---
>> 1 file changed, 3 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/gpu/drm/solomon/ssd130x.c b/drivers/gpu/drm/solomon/ssd130x.c
>> index eec43d1a5595..8368f0ffbe1e 100644
>> --- a/drivers/gpu/drm/solomon/ssd130x.c
>> +++ b/drivers/gpu/drm/solomon/ssd130x.c
>> @@ -1498,7 +1498,7 @@ static int ssd130x_crtc_atomic_check(struct drm_crtc *crtc,
>> if (ret)
>> return ret;
>>
>> - ssd130x_state->data_array = kmalloc(ssd130x->width * pages, GFP_KERNEL);
>> + ssd130x_state->data_array = kmalloc_array(ssd130x->width, pages, GFP_KERNEL);
>
> The first parameter is the number of elements. The second parameter is
> the size of an individual element. So the arguments should be swapped.
> Same for the other changes.
>
> I know it's nitpicking, but who knows what it'll be good for. Fun fact
> is that even kmalloc_array mixes up both parameters internally.
>
You are right. I didn't notice this subtlety when reviewing mentioned
patch that pushed to drm-misc-next.
> Best regards
> Thomas
>
>
--
Best regards,
Javier Martinez Canillas
Core Platforms
Red Hat
Powered by blists - more mailing lists