afs: Prefer struct_size over open coded arithmetic

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

As noted in the "Deprecated Interfaces, Language Features, Attributes,
and Conventions" documentation [1], size calculations (especially
multiplication) should not be performed in memory allocator (or similar)
function arguments due to the risk of them overflowing. This could lead
to values wrapping around and a smaller allocation being made than the
caller was expecting. Using those allocations could lead to linear
overflows of heap memory and other misbehaviors.

So, use the struct_size() helper to do the arithmetic instead of the
argument "size + size * count" in the kzalloc() function.

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments

Signed-off-by: Len Baker <len.baker@gmx.com>
Acked-by: David Howells <dhowells@redhat.com>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>

authored by

Len Baker and committed by

Gustavo A. R. Silva 3 years ago cc68c613 ce522ba9

+1 -2

1 changed file

expand all

afs

security.c

+1 -2

fs/afs/security.c

··· 219 219 * yet. 220 220 */ 221 221 size++; 222 - new = kzalloc(sizeof(struct afs_permits) + 223 - sizeof(struct afs_permit) * size, GFP_NOFS); 222 + new = kzalloc(struct_size(new, permits, size), GFP_NOFS); 224 223 if (!new) 225 224 goto out_put; 226 225