tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

scsi: qla2xxx: Use vmalloc_array() and vcalloc()

Use vmalloc_array() and vcalloc() to protect against multiplication
overflows.

The changes were done using the following Coccinelle
semantic patch:

// <smpl>
@initialize:ocaml@
@@

let rename alloc =
match alloc with
"vmalloc" -> "vmalloc_array"
| "vzalloc" -> "vcalloc"
| _ -> failwith "unknown"

@@
size_t e1,e2;
constant C1, C2;
expression E1, E2, COUNT, x1, x2, x3;
typedef u8;
typedef __u8;
type t = {u8,__u8,char,unsigned char};
identifier alloc = {vmalloc,vzalloc};
fresh identifier realloc = script:ocaml(alloc) { rename alloc };
@@

(
alloc(x1*x2*x3)
|
alloc(C1 * C2)
|
alloc((sizeof(t)) * (COUNT), ...)
|
- alloc((e1) * (e2))
+ realloc(e1, e2)
|
- alloc((e1) * (COUNT))
+ realloc(COUNT, e1)
|
- alloc((E1) * (E2))
+ realloc(E1, E2)
)
// </smpl>

Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Link: https://lore.kernel.org/r/20230627144339.144478-25-Julia.Lawall@inria.fr
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

authored by

Julia Lawall and committed by
Martin K. Petersen 04d91b78 b34c7dca

+2 -2
+2 -2
drivers/scsi/qla2xxx/qla_init.c
··· 8434 8434 ql_dbg(ql_dbg_init, vha, 0x0163, 8435 8435 "-> fwdt%u template allocate template %#x words...\n", 8436 8436 j, risc_size); 8437 - fwdt->template = vmalloc(risc_size * sizeof(*dcode)); 8437 + fwdt->template = vmalloc_array(risc_size, sizeof(*dcode)); 8438 8438 if (!fwdt->template) { 8439 8439 ql_log(ql_log_warn, vha, 0x0164, 8440 8440 "-> fwdt%u failed allocate template.\n", j); ··· 8689 8689 ql_dbg(ql_dbg_init, vha, 0x0173, 8690 8690 "-> fwdt%u template allocate template %#x words...\n", 8691 8691 j, risc_size); 8692 - fwdt->template = vmalloc(risc_size * sizeof(*dcode)); 8692 + fwdt->template = vmalloc_array(risc_size, sizeof(*dcode)); 8693 8693 if (!fwdt->template) { 8694 8694 ql_log(ql_log_warn, vha, 0x0174, 8695 8695 "-> fwdt%u failed allocate template.\n", j);