From: GUO Zihua <guozihua@huawei.com>
To: <linux-integrity@vger.kernel.org>
Cc: <zohar@linux.ibm.com>, <dhowells@redhat.com>, <jarkko@kernel.org>,
<keyrings@vger.kernel.org>
Subject: [PATCH] keys: Use struct_size and size_add helper with alloc
Date: Thu, 19 May 2022 10:47:02 +0800 [thread overview]
Message-ID: <20220519024702.215223-1-guozihua@huawei.com> (raw)
Use struct_size helper for calculating size of flexible struct to avoid
potential issues and improve readibility. Use size_add to calculate
addition of size to prevent potential issues.
Reference: https://lore.kernel.org/all/CAHk-=wiGWjxs7EVUpccZEi6esvjpHJdgHQ=vtUeJ5crL62hx9A@mail.gmail.com/
Note: HASH_SIZE here is a SHA256_DIGEST_SIZE whoes value is 32, so
adding 1 should be fine here.
Signed-off-by: GUO Zihua <guozihua@huawei.com>
---
security/keys/encrypted-keys/encrypted.c | 7 +++++--
security/keys/user_defined.c | 2 +-
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index e05cfc2e49ae..37349580e855 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -613,6 +613,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
long dlen;
int i;
int ret;
+ size_t epayload_datalen = 0;
ret = kstrtol(datalen, 10, &dlen);
if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
@@ -667,8 +668,10 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
if (ret < 0)
return ERR_PTR(ret);
- epayload = kzalloc(sizeof(*epayload) + payload_datalen +
- datablob_len + HASH_SIZE + 1, GFP_KERNEL);
+ epayload_datalen = size_add(payload_datalen, datablob_len);
+ epayload_datalen = size_add(epayload_datalen, HASH_SIZE + 1);
+ epayload = kzalloc(struct_size(epayload, payload_data,
+ epayload_datalen), GFP_KERNEL);
if (!epayload)
return ERR_PTR(-ENOMEM);
diff --git a/security/keys/user_defined.c b/security/keys/user_defined.c
index 749e2a4dcb13..334fed36e9f3 100644
--- a/security/keys/user_defined.c
+++ b/security/keys/user_defined.c
@@ -64,7 +64,7 @@ int user_preparse(struct key_preparsed_payload *prep)
if (datalen <= 0 || datalen > 32767 || !prep->data)
return -EINVAL;
- upayload = kmalloc(sizeof(*upayload) + datalen, GFP_KERNEL);
+ upayload = kmalloc(struct_size(upayload, data, datalen), GFP_KERNEL);
if (!upayload)
return -ENOMEM;
--
2.36.0
next reply other threads:[~2022-05-19 2:48 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-19 2:47 GUO Zihua [this message]
2022-05-19 20:49 ` [PATCH] keys: Use struct_size and size_add helper with alloc Jarkko Sakkinen
2022-05-20 7:35 ` Guozihua (Scott)
2022-05-23 19:58 ` Jarkko Sakkinen
2022-05-24 1:58 ` Guozihua (Scott)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220519024702.215223-1-guozihua@huawei.com \
--to=guozihua@huawei.com \
--cc=dhowells@redhat.com \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.