Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp842801ybi;
        Wed, 19 Jun 2019 08:45:27 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzyW6JR+gOv4SJoKp8N3ITXEtm/yLMNLL+qFq7jgJtkFsKHUg/TY+GLXXVa2lbYmcFw4Vd7
X-Received: by 2002:a63:4c1c:: with SMTP id z28mr8305626pga.122.1560959127424;
        Wed, 19 Jun 2019 08:45:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1560959127; cv=none;
        d=google.com; s=arc-20160816;
        b=hjr4Ou6gCU9gIoFENyFkkbgDq5eORSYIeQhobJyd/9+rnjBFD85B5VJ4zUVC8rTrXJ
         4OJqMYcVxKpfpWyfC3TmeHhKD2JwydChMtLrQx1mc0hA/fS3Mtj5O8RAxFGpnZypZr1+
         31n03imt8u/gR/CO3ShAK+jQW7w5jJSCdsQtQy8WjIvZv3wBZHwgcw3Nb0nCisF7QIS3
         kue7NpOajjC5iR36Kpttq21JvgEIWDT5w6wXSuegP1P9nqd8UsA6ddGI80j5ZKz2SFUx
         YWTjTwvjeg47/fBQaR7Kvz93YViJ/BnSBcjUCMIsDM7oOknuATK//FT9Z4qI6yyfg7a7
         NgqQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=NVhZkIpuqF80loACQlfA3nngRhiXTO/ETsZc8Vi9mck=;
        b=0M4RabaAeJTtqaoKmI0fUJOXG2gDD9/kcBvnM9iN4RYgfSGO23puiNxEpHzvPbhTJd
         sP+i7Ch4bd/LrVqHmo5Ab8DYRXR7L4MKRr05N06WpPvqTwoslntiJie7CAKhJ3mHEliy
         VDrKL5e9M0xSLEEJ37HMPjqyg7OECrRFn8E4wfMF8862/N7o+IAU4fEknQeOUChTZs4E
         a+lvnnQx6Q6L6r2HpbIsPXg69FkAmvRhvoRWrguUCrg9vldjO8mtDrqfrvTG+AX0szQ8
         xtsK/HNxKNfaHcVHlFbye4G5nK0OlnfFggt4tlsnGiKYUc4NnEyAmkDGbIm4snSmg+bY
         eTNw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=Uph08Elt;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o37si1835549pjb.20.2019.06.19.08.45.11;
        Wed, 19 Jun 2019 08:45:27 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=Uph08Elt;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729072AbfFSPpG (ORCPT <rfc822;radocaj.bane@gmail.com>
        + 99 others); Wed, 19 Jun 2019 11:45:06 -0400
Received: from mail-ot1-f67.google.com ([209.85.210.67]:44189 "EHLO
        mail-ot1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726496AbfFSPpG (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 19 Jun 2019 11:45:06 -0400
Received: by mail-ot1-f67.google.com with SMTP id b7so19729605otl.11
        for <linux-kernel@vger.kernel.org>; Wed, 19 Jun 2019 08:45:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=NVhZkIpuqF80loACQlfA3nngRhiXTO/ETsZc8Vi9mck=;
        b=Uph08Elt4sY5M1gdp6uPHTfoYyfoI40fGabdUiaU5qKgq7fkz3GvMzVEQ3ctKK62tE
         wpt/Vaid9Vq9zvD/MUMuqWDTbTSTmAQSHqOgHQ9ybVTur9oq+IgnR7jfsM7ed76QrGwr
         OM3s8cZhE9SQEGAivymCmShm+Q1HrkYXA4XvQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=NVhZkIpuqF80loACQlfA3nngRhiXTO/ETsZc8Vi9mck=;
        b=KqLbXi0Z8e4uGH1eO1baba10zEwTmpeNwnfUu+KPkABQk8uIsUmhJJE1l2I2fnEwjt
         H0U9wx9rnvqeWcLjbzDfRk5p7aq8hsv3vXPVX3q7bzj0Jr/Vaj4GqW03uE7Ir2Itxho4
         BLS4YCUvXmHLdYfsLOWtl4wiIQyO1KNwHQIvyqCPPuKZuvebKrLzkhTqu3smDOfFonpw
         CS+ONuVER5K1UIbPi/3kuh8Dl5LBg4vj+MorSSpQI8EQM1ahx0CYAIJylYbu6UnOBFt6
         M0XuMdBdXS9BUkg+3eEHJWVSJL3m+gwap0eDZK497+gxzGjA6Tr3uPKr2uqQvbmlfRQo
         9lRg==
X-Gm-Message-State: APjAAAV2aBqtwmAdy9S39Y03XVeZ6723/vcIKFlx/ghm4uFREWoGhhYN
        UALLwuwfM52dwCKrOiVqWPycymZb2iQ=
X-Received: by 2002:a9d:6c17:: with SMTP id f23mr7231285otq.174.1560959104579;
        Wed, 19 Jun 2019 08:45:04 -0700 (PDT)
Received: from mail-oi1-f175.google.com (mail-oi1-f175.google.com. [209.85.167.175])
        by smtp.gmail.com with ESMTPSA id q20sm6603511otm.32.2019.06.19.08.45.03
        for <linux-kernel@vger.kernel.org>
        (version=TLS1_3 cipher=AEAD-AES128-GCM-SHA256 bits=128/128);
        Wed, 19 Jun 2019 08:45:03 -0700 (PDT)
Received: by mail-oi1-f175.google.com with SMTP id w196so10929739oie.7
        for <linux-kernel@vger.kernel.org>; Wed, 19 Jun 2019 08:45:03 -0700 (PDT)
X-Received: by 2002:aca:e10a:: with SMTP id y10mr2978774oig.111.1560959102372;
 Wed, 19 Jun 2019 08:45:02 -0700 (PDT)
MIME-Version: 1.0
References: <20190618153924.19491-1-colin.king@canonical.com> <20190619053012.GM28859@kadam>
In-Reply-To: <20190619053012.GM28859@kadam>
From:   Nick Crews <ncrews@chromium.org>
Date:   Wed, 19 Jun 2019 09:44:50 -0600
X-Gmail-Original-Message-ID: <CAHX4x85id5dwXrBSVHTZaRV43JGAxZwMkvnDN6yH5_Mg4UxRPg@mail.gmail.com>
Message-ID: <CAHX4x85id5dwXrBSVHTZaRV43JGAxZwMkvnDN6yH5_Mg4UxRPg@mail.gmail.com>
Subject: Re: [PATCH][next] platform/chrome: wilco_ec: fix null pointer
 dereference on failed kzalloc
To:     Dan Carpenter <dan.carpenter@oracle.com>
Cc:     Colin King <colin.king@canonical.com>,
        Benson Leung <bleung@chromium.org>,
        Enric Balletbo i Serra <enric.balletbo@collabora.com>,
        kernel-janitors@vger.kernel.org,
        linux-kernel <linux-kernel@vger.kernel.org>,
        Dmitry Torokhov <dtor@google.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jun 18, 2019 at 11:30 PM Dan Carpenter <dan.carpenter@oracle.com> wrote:
>
> On Tue, Jun 18, 2019 at 04:39:24PM +0100, Colin King wrote:
> > diff --git a/drivers/platform/chrome/wilco_ec/event.c b/drivers/platform/chrome/wilco_ec/event.c
> > index c975b76e6255..e251a989b152 100644
> > --- a/drivers/platform/chrome/wilco_ec/event.c
> > +++ b/drivers/platform/chrome/wilco_ec/event.c
> > @@ -112,8 +112,11 @@ module_param(queue_size, int, 0644);
> >  static struct ec_event_queue *event_queue_new(int capacity)
> >  {
> >       size_t entries_size = sizeof(struct ec_event *) * capacity;
> > -     struct ec_event_queue *q = kzalloc(sizeof(*q) + entries_size,
> > -                                        GFP_KERNEL);
> > +     struct ec_event_queue *q;
> > +
> > +     q = kzalloc(sizeof(*q) + entries_size, GFP_KERNEL);
> > +     if (!q)
> > +             return NULL;
>
> We have a new struct_size() macro designed for these allocations.
>
>         q = kzalloc(struct_size(q, entries, capacity), GFP_KERNEL);
>
> The advantage is that it checks for integer overflows.
>
> regards,
> dan carpenter
>

Thanks Dan, I like that.

Dmitry Torokhov also had some thoughts on this patch at
https://crrev.com/c/1661053, I'll send a patch that adds this and
fixes his concerns in a bit.

Cheers,
Nick