Make use of the struct_size() helper instead of an open-coded version
in order to avoid any potential type mistakes, in particular in the
context in which this code is being used.

So, replace the following form:

sizeof(*resp) + (i * sizeof(struct ib_path_rec_data))

with:

struct_size(resp, path_data, i)

This code was detected with the help of Coccinelle.

Signed-off-by: Gustavo A. R. Silva <[email protected]>
---
drivers/infiniband/core/ucma.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c
index 140a338a135f..cbe460076611 100644
--- a/drivers/infiniband/core/ucma.c
+++ b/drivers/infiniband/core/ucma.c
@@ -951,8 +951,7 @@ static ssize_t ucma_query_path(struct ucma_context *ctx,
}
}
- if (copy_to_user(response, resp,
- sizeof(*resp) + (i * sizeof(struct ib_path_rec_data))))
+ if (copy_to_user(response, resp, struct_size(resp, path_data, i)))
ret = -EFAULT;
kfree(resp);
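Review bot: the length on the added copy_to_user() line is computed from i alone, and nothing in this hunk shows that the buffer released by kfree(resp) was allocated with room for i entries of path_data. Please confirm that the allocation site bounds i, and if it open-codes the same sum, convert it to struct_size(resp, path_data, i) in this patch so the allocated and the copied size come from one expression. The commit message should also name the type mistake being avoided, since the removed and added lines are presented as equivalent.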
--
2.21.0
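An added example, not part of the posted patch or of the kernel source: a user-space C model of the two forms the commit message contrasts, showing that the open-coded sum wraps on overflow while a struct_size()-style helper saturates at SIZE_MAX. The struct layouts, sat_size(), STRUCT_SIZE(), open_coded() and checked() are constructed for illustration, and the overflow builtins assume GCC or Clang.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins; not the kernel's real structure layouts. */
struct path_rec { uint32_t flags; uint32_t reserved; uint8_t rec[64]; };
struct query_resp {
	uint32_t num_paths;
	uint32_t reserved;
	struct path_rec path_data[];	/* flexible array member */
};

/* n * elem + base, saturating at SIZE_MAX as the kernel's struct_size() does. */
static size_t sat_size(size_t n, size_t elem, size_t base)
{
	size_t bytes;

	if (__builtin_mul_overflow(n, elem, &bytes) ||
	    __builtin_add_overflow(bytes, base, &bytes))
		return SIZE_MAX;
	return bytes;
}

/* Element size comes from the member itself, so it cannot name the wrong type. */
#define STRUCT_SIZE(p, member, n) \
	sat_size((n), sizeof(*(p)->member), sizeof(*(p)))

/* Open-coded form, as in the removed lines: wraps silently on overflow. */
static size_t open_coded(size_t n)
{
	return sizeof(struct query_resp) + n * sizeof(struct path_rec);
}

static size_t checked(size_t n)
{
	struct query_resp *resp = NULL;	/* only named inside sizeof, never dereferenced */

	return STRUCT_SIZE(resp, path_data, n);
}

int main(void)
{
	size_t huge = SIZE_MAX / sizeof(struct path_rec) + 1;	/* count whose product overflows */

	printf("n=3:  open=%zu checked=%zu\n", open_coded(3), checked(3));
	printf("huge: open=%zu checked=%zu\n", open_coded(huge), checked(huge));
	return 0;
}
```

For an ordinary count both forms agree; for the overflowing count the open-coded result is a small wrapped length, while the saturated SIZE_MAX is a length no real buffer can satisfy.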
On Tue, Jun 04, 2019 at 10:42:22AM -0500, Gustavo A. R. Silva wrote:
> Make use of the struct_size() helper instead of an open-coded version
> in order to avoid any potential type mistakes, in particular in the
> context in which this code is being used.
What does "in particular in the context in which this code is being
used" mean?
>
> So, replace the following form:
>
> sizeof(*resp) + (i * sizeof(struct ib_path_rec_data))
>
> with:
>
> struct_size(resp, path_data, i)
It is already written inside the commit itself.
>
> This code was detected with the help of Coccinelle.
>
> Signed-off-by: Gustavo A. R. Silva <[email protected]>
> ---
> drivers/infiniband/core/ucma.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c
> index 140a338a135f..cbe460076611 100644
> --- a/drivers/infiniband/core/ucma.c
> +++ b/drivers/infiniband/core/ucma.c
> @@ -951,8 +951,7 @@ static ssize_t ucma_query_path(struct ucma_context *ctx,
> }
> }
>
> - if (copy_to_user(response, resp,
> - sizeof(*resp) + (i * sizeof(struct ib_path_rec_data))))
> + if (copy_to_user(response, resp, struct_size(resp, path_data, i)))
> ret = -EFAULT;
>
> kfree(resp);
> --
> 2.21.0
>
On Tue, Jun 04, 2019 at 10:42:22AM -0500, Gustavo A. R. Silva wrote:
> Make use of the struct_size() helper instead of an open-coded version
> in order to avoid any potential type mistakes, in particular in the
> context in which this code is being used.
>
> So, replace the following form:
>
> sizeof(*resp) + (i * sizeof(struct ib_path_rec_data))
>
> with:
>
> struct_size(resp, path_data, i)
>
> This code was detected with the help of Coccinelle.
>
> Signed-off-by: Gustavo A. R. Silva <[email protected]>
> ---
> drivers/infiniband/core/ucma.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
Applied to for-next, thanks
Jason
On 04.06.19 17:42, Gustavo A. R. Silva wrote:
Hi,
<snip>
> diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c
> index 140a338a135f..cbe460076611 100644
> --- a/drivers/infiniband/core/ucma.c
> +++ b/drivers/infiniband/core/ucma.c
> @@ -951,8 +951,7 @@ static ssize_t ucma_query_path(struct ucma_context *ctx,
> }
> }
>
> - if (copy_to_user(response, resp,
> - sizeof(*resp) + (i * sizeof(struct ib_path_rec_data))))
> + if (copy_to_user(response, resp, struct_size(resp, path_data, i)))
> ret = -EFAULT;
Have you already considered further reducing the boilerplate by putting
this into its own helper macro, so it finally would look like this?
+ if (copy_to_user_structs(response, resp, resp, path_data, i)))
> ret = -EFAULT;
You've posted similar patches that also affected things like kzalloc().
Maybe those would be better candidates for putting everything
into its own helper macro? (I've already got that on my 2do list, but
not sure whether maintainers really like to be bothered with those
kinds of patches ;-)).
--mtx
--
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
[email protected] -- +49-151-27565287