[PATCH][next] vhost: Use flex_array_size() helper in copy_from_user()

From: Gustavo A. R. Silva
Date: Fri Jul 31 2020 - 09:03:56 EST

Next message: Michael Ellerman: "[GIT PULL] Please pull powerpc/linux.git powerpc-5.8-8 tag"
Previous message: Sakari Ailus: "Re: [PATCH 1/2] media: i2c: ov5640: Enable data pins on startup for DVP mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Make use of the flex_array_size() helper to calculate the size of a
flexible array member within an enclosing structure.

This helper offers defense-in-depth against potential integer
overflows, while at the same time makes it explicitly clear that
we are dealing with a flexible array member.

Signed-off-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
---
drivers/vhost/vhost.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
index 74d135ee7e26..1a22a254abe4 100644
--- a/drivers/vhost/vhost.c
+++ b/drivers/vhost/vhost.c
@@ -1405,7 +1405,7 @@ static long vhost_set_memory(struct vhost_dev *d, struct vhost_memory __user *m)

memcpy(newmem, &mem, size);
if (copy_from_user(newmem->regions, m->regions,
- mem.nregions * sizeof *m->regions)) {
+ flex_array_size(newmem, regions, mem.nregions))) {
kvfree(newmem);
return -EFAULT;
}
--
2.27.0

Next message: Michael Ellerman: "[GIT PULL] Please pull powerpc/linux.git powerpc-5.8-8 tag"
Previous message: Sakari Ailus: "Re: [PATCH 1/2] media: i2c: ov5640: Enable data pins on startup for DVP mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]