One of the more common cases of allocation size calculations is finding
the size of a structure that has a zero-sized array at the end, along
with memory for some number of elements for that array. For example:
struct nfp_tun_active_tuns {
...
struct route_ip_info {
__be32 ipv4;
__be32 egress_port;
__be32 extra[2];
} tun_info[];
};
Make use of the struct_size() helper instead of an open-coded version
in order to avoid any potential type mistakes.
So, replace the following form:
sizeof(struct nfp_tun_active_tuns) + sizeof(struct route_ip_info) * count
with:
struct_size(payload, tun_info, count)
This code was detected with the help of Coccinelle.
Signed-off-by: Gustavo A. R. Silva <[email protected]>
---
drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c b/drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c
index 8c67505865a4..a7a80f4b722a 100644
--- a/drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c
+++ b/drivers/net/ethernet/netronome/nfp/flower/tunnel_conf.c
@@ -162,8 +162,7 @@ void nfp_tunnel_keep_alive(struct nfp_app *app, struct sk_buff *skb)
}
pay_len = nfp_flower_cmsg_get_data_len(skb);
- if (pay_len != sizeof(struct nfp_tun_active_tuns) +
- sizeof(struct route_ip_info) * count) {
+ if (pay_len != struct_size(payload, tun_info, count)) {
nfp_flower_cmsg_warn(app, "Corruption in tunnel keep-alive message.\n");
return;
}
--
2.21.0
On Wed, 5 Jun 2019 15:38:27 -0500, Gustavo A. R. Silva wrote:
> One of the more common cases of allocation size calculations is finding
> the size of a structure that has a zero-sized array at the end, along
> with memory for some number of elements for that array. For example:
>
> struct nfp_tun_active_tuns {
> ...
> struct route_ip_info {
> __be32 ipv4;
> __be32 egress_port;
> __be32 extra[2];
> } tun_info[];
> };
>
> Make use of the struct_size() helper instead of an open-coded version
> in order to avoid any potential type mistakes.
>
> So, replace the following form:
>
> sizeof(struct nfp_tun_active_tuns) + sizeof(struct route_ip_info) * count
>
> with:
>
> struct_size(payload, tun_info, count)
>
> This code was detected with the help of Coccinelle.
>
> Signed-off-by: Gustavo A. R. Silva <[email protected]>
Acked-by: Jakub Kicinski <[email protected]>
Thanks!
From: "Gustavo A. R. Silva" <[email protected]>
Date: Wed, 5 Jun 2019 15:38:27 -0500
> One of the more common cases of allocation size calculations is finding
> the size of a structure that has a zero-sized array at the end, along
> with memory for some number of elements for that array. For example:
>
> struct nfp_tun_active_tuns {
> ...
> struct route_ip_info {
> __be32 ipv4;
> __be32 egress_port;
> __be32 extra[2];
> } tun_info[];
> };
>
> Make use of the struct_size() helper instead of an open-coded version
> in order to avoid any potential type mistakes.
>
> So, replace the following form:
>
> sizeof(struct nfp_tun_active_tuns) + sizeof(struct route_ip_info) * count
>
> with:
>
> struct_size(payload, tun_info, count)
>
> This code was detected with the help of Coccinelle.
>
> Signed-off-by: Gustavo A. R. Silva <[email protected]>
Applied.