user_namespace: Use kmemdup_array() instead of kmemdup() for multiple allocation

[PATCH -next] user_namespace: Use kmemdup_array() instead of kmemdup() for multiple allocation

Jinjie Ruan posted 1 patch 1 year, 3 months ago

Download mbox

kernel/user_namespace.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

Expand all Fold all

[PATCH -next] user_namespace: Use kmemdup_array() instead of kmemdup() for multiple allocation

Posted by Jinjie Ruan 1 year, 3 months ago

Let the kmemdup_array() take care about multiplication and possible
overflows.

Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
---
 kernel/user_namespace.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index 0b0b95418b16..aa0b2e47f2f2 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
@@ -853,9 +853,8 @@ static int sort_idmaps(struct uid_gid_map *map)
 	     cmp_extents_forward, NULL);
 
 	/* Only copy the memory from forward we actually need. */
-	map->reverse = kmemdup(map->forward,
-			       map->nr_extents * sizeof(struct uid_gid_extent),
-			       GFP_KERNEL);
+	map->reverse = kmemdup_array(map->forward, map->nr_extents,
+				     sizeof(struct uid_gid_extent), GFP_KERNEL);
 	if (!map->reverse)
 		return -ENOMEM;
 
-- 
2.34.1

Re: [PATCH -next] user_namespace: Use kmemdup_array() instead of kmemdup() for multiple allocation

Posted by Kees Cook 1 year, 3 months ago

On Wed, Aug 28, 2024 at 03:23:40PM +0800, Jinjie Ruan wrote:
> Let the kmemdup_array() take care about multiplication and possible
> overflows.
> 
> Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>

Reviewed-by: Kees Cook <kees@kernel.org>

-- 
Kees Cook