Re: [PATCH] clk: npcm7xx: fix memory allocation
From: Avi Fishman
Date: Sun Aug 26 2018 - 10:04:03 EST
On Fri, Aug 24, 2018 at 2:18 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> On Thu, Aug 23, 2018 at 4:06 PM, Gustavo A. R. Silva
> <gustavo@xxxxxxxxxxxxxx> wrote:
> > One of the more common cases of allocation size calculations is finding
> > the size of a structure that has a zero-sized array at the end, along
> > with memory for some number of elements for that array. For example:
> >
> > struct foo {
> > int stuff;
> > void *entry[];
> > };
> >
> > instance = kzalloc(sizeof(struct foo) + sizeof(void *) * count,
> > GFP_KERNEL);
> >
> > Instead of leaving these open-coded and prone to type mistakes, we can
> > now use the new struct_size() helper:
> >
> > instance = kzalloc(struct_size(instance, entry, count), GFP_KERNEL);
> >
> > Notice that, currently, there is a bug during the allocation:
> >
> > sizeof(npcm7xx_clk_data) should be sizeof(*npcm7xx_clk_data)
> >
> > Fix this bug by using struct_size() in kzalloc()
> >
> > This issue was detected with the help of Coccinelle.
> >
> > Cc: stable@xxxxxxxxxxxxxxx
> > Signed-off-by: Gustavo A. R. Silva <gustavo@xxxxxxxxxxxxxx>
>
> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
Reviewed-by: Avi Fishman <avifishman70@xxxxxxxxx>
>
> -Kees
>
> > ---
> > drivers/clk/clk-npcm7xx.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/clk/clk-npcm7xx.c b/drivers/clk/clk-npcm7xx.c
> > index 740af90..c5edf8f 100644
> > --- a/drivers/clk/clk-npcm7xx.c
> > +++ b/drivers/clk/clk-npcm7xx.c
> > @@ -558,8 +558,8 @@ static void __init npcm7xx_clk_init(struct device_node *clk_np)
> > if (!clk_base)
> > goto npcm7xx_init_error;
> >
> > - npcm7xx_clk_data = kzalloc(sizeof(*npcm7xx_clk_data->hws) *
> > - NPCM7XX_NUM_CLOCKS + sizeof(npcm7xx_clk_data), GFP_KERNEL);
> > + npcm7xx_clk_data = kzalloc(struct_size(npcm7xx_clk_data, hws,
> > + NPCM7XX_NUM_CLOCKS), GFP_KERNEL);
> > if (!npcm7xx_clk_data)
> > goto npcm7xx_init_np_err;
> >
> > --
> > 2.7.4
> >
>
>
>
> --
> Kees Cook
> Pixel Security
--
Regards,
Avi