drivers/gpu/drm/i915/gem/selftests/mock_dmabuf.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
From: luoqing <luoqing@kylinos.cn>
Make use of the struct_size() helper instead of an open-coded version,
in order to avoid any potential type mistakes or integer overflows that,
in the worst scenario, could lead to heap overflows.
Signed-off-by: luoqing <luoqing@kylinos.cn>
---
drivers/gpu/drm/i915/gem/selftests/mock_dmabuf.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/i915/gem/selftests/mock_dmabuf.c b/drivers/gpu/drm/i915/gem/selftests/mock_dmabuf.c
index 075657018739..5cd58e0f0dcf 100644
--- a/drivers/gpu/drm/i915/gem/selftests/mock_dmabuf.c
+++ b/drivers/gpu/drm/i915/gem/selftests/mock_dmabuf.c
@@ -103,8 +103,7 @@ static struct dma_buf *mock_dmabuf(int npages)
struct dma_buf *dmabuf;
int i;
- mock = kmalloc(sizeof(*mock) + npages * sizeof(struct page *),
- GFP_KERNEL);
+ mock = kmalloc(struct_size(mock, pages, npages), GFP_KERNEL);
if (!mock)
return ERR_PTR(-ENOMEM);
--
2.27.0Hi, On Sat, Feb 08, 2025 at 09:35:39AM +0800, l1138897701@163.com wrote: > From: luoqing <luoqing@kylinos.cn> > > Make use of the struct_size() helper instead of an open-coded version, > in order to avoid any potential type mistakes or integer overflows that, > in the worst scenario, could lead to heap overflows. > > Signed-off-by: luoqing <luoqing@kylinos.cn> merged to drm-intel-gt-next. Thanks, Andi
Hi luoqing, On Sat, Feb 08, 2025 at 09:35:39AM +0800, l1138897701@163.com wrote: > From: luoqing <luoqing@kylinos.cn> > > Make use of the struct_size() helper instead of an open-coded version, > in order to avoid any potential type mistakes or integer overflows that, > in the worst scenario, could lead to heap overflows. > > Signed-off-by: luoqing <luoqing@kylinos.cn> Reviewed-by: Andi Shyti <andi.shyti@linux.intel.com> Thanks, Andi
© 2016 - 2026 Red Hat, Inc.