Message ID | 20210929220526.GA355783@embeddedor (mailing list archive) |
---|---|
State | Mainlined |
Commit | f4a2d282cca57607a0d6718fafa1ab2d62703254 |
Headers | show |
Series | [next] apparmor: Use struct_size() helper in kzalloc() | expand |
On 9/29/21 3:05 PM, Gustavo A. R. Silva wrote: > Make use of the struct_size() helper instead of an open-coded version, > in order to avoid any potential type mistakes or integer overflows that, > in the worse scenario, could lead to heap overflows. >> Link: https://github.com/KSPP/linux/issues/160 > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> nice I will pull this into my tree Acked-by: John Johansen <john.johansen@canonical.com> > --- > security/apparmor/label.c | 3 +-- > security/apparmor/policy.c | 3 +-- > 2 files changed, 2 insertions(+), 4 deletions(-) > > diff --git a/security/apparmor/label.c b/security/apparmor/label.c > index 6222fdfebe4e..0b0265da1926 100644 > --- a/security/apparmor/label.c > +++ b/security/apparmor/label.c > @@ -425,8 +425,7 @@ struct aa_label *aa_label_alloc(int size, struct aa_proxy *proxy, gfp_t gfp) > AA_BUG(size < 1); > > /* + 1 for null terminator entry on vec */ > - new = kzalloc(sizeof(*new) + sizeof(struct aa_profile *) * (size + 1), > - gfp); > + new = kzalloc(struct_size(new, vec, size + 1), gfp); > AA_DEBUG("%s (%p)\n", __func__, new); > if (!new) > goto fail; > diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c > index 17191a9eae41..5827dbdfbfca 100644 > --- a/security/apparmor/policy.c > +++ b/security/apparmor/policy.c > @@ -260,8 +260,7 @@ struct aa_profile *aa_alloc_profile(const char *hname, struct aa_proxy *proxy, > struct aa_profile *profile; > > /* freed by free_profile - usually through aa_put_profile */ > - profile = kzalloc(sizeof(*profile) + sizeof(struct aa_profile *) * 2, > - gfp); > + profile = kzalloc(struct_size(profile, label.vec, 2), gfp); > if (!profile) > return NULL; > >
On Fri, Oct 01, 2021 at 04:37:08PM -0700, John Johansen wrote: > On 9/29/21 3:05 PM, Gustavo A. R. Silva wrote: > > Make use of the struct_size() helper instead of an open-coded version, > > in order to avoid any potential type mistakes or integer overflows that, > > in the worse scenario, could lead to heap overflows. > >> Link: https://github.com/KSPP/linux/issues/160 > > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> > > nice > > I will pull this into my tree > Acked-by: John Johansen <john.johansen@canonical.com> Thanks, John. -- Gustavo
diff --git a/security/apparmor/label.c b/security/apparmor/label.c index 6222fdfebe4e..0b0265da1926 100644 --- a/security/apparmor/label.c +++ b/security/apparmor/label.c @@ -425,8 +425,7 @@ struct aa_label *aa_label_alloc(int size, struct aa_proxy *proxy, gfp_t gfp) AA_BUG(size < 1); /* + 1 for null terminator entry on vec */ - new = kzalloc(sizeof(*new) + sizeof(struct aa_profile *) * (size + 1), - gfp); + new = kzalloc(struct_size(new, vec, size + 1), gfp); AA_DEBUG("%s (%p)\n", __func__, new); if (!new) goto fail; diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index 17191a9eae41..5827dbdfbfca 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -260,8 +260,7 @@ struct aa_profile *aa_alloc_profile(const char *hname, struct aa_proxy *proxy, struct aa_profile *profile; /* freed by free_profile - usually through aa_put_profile */ - profile = kzalloc(sizeof(*profile) + sizeof(struct aa_profile *) * 2, - gfp); + profile = kzalloc(struct_size(profile, label.vec, 2), gfp); if (!profile) return NULL;
Make use of the struct_size() helper instead of an open-coded version, in order to avoid any potential type mistakes or integer overflows that, in the worse scenario, could lead to heap overflows. Link: https://github.com/KSPP/linux/issues/160 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> --- security/apparmor/label.c | 3 +-- security/apparmor/policy.c | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-)