drivers/staging/media/atomisp/pci/sh_css.c | 52 +++++++++++----------- 1 file changed, 27 insertions(+), 25 deletions(-)
Replace kmalloc(count * sizeof) with kmalloc_array() for safer memory
allocation and overflow prevention.
Signed-off-by: Qianfeng Rong <rongqianfeng@vivo.com>
---
drivers/staging/media/atomisp/pci/sh_css.c | 52 +++++++++++-----------
1 file changed, 27 insertions(+), 25 deletions(-)
diff --git a/drivers/staging/media/atomisp/pci/sh_css.c b/drivers/staging/media/atomisp/pci/sh_css.c
index 73bd87f43a8c..f7ce2872ced7 100644
--- a/drivers/staging/media/atomisp/pci/sh_css.c
+++ b/drivers/staging/media/atomisp/pci/sh_css.c
@@ -5821,36 +5821,37 @@ static int ia_css_pipe_create_cas_scaler_desc_single_output(
i *= max_scale_factor_per_stage;
}
- descr->in_info = kmalloc(descr->num_stage *
- sizeof(struct ia_css_frame_info),
- GFP_KERNEL);
+ descr->in_info = kmalloc_array(descr->num_stage,
+ sizeof(struct ia_css_frame_info),
+ GFP_KERNEL);
if (!descr->in_info) {
err = -ENOMEM;
goto ERR;
}
- descr->internal_out_info = kmalloc(descr->num_stage *
- sizeof(struct ia_css_frame_info),
- GFP_KERNEL);
+ descr->internal_out_info = kmalloc_array(descr->num_stage,
+ sizeof(struct ia_css_frame_info),
+ GFP_KERNEL);
if (!descr->internal_out_info) {
err = -ENOMEM;
goto ERR;
}
- descr->out_info = kmalloc(descr->num_stage *
- sizeof(struct ia_css_frame_info),
- GFP_KERNEL);
+ descr->out_info = kmalloc_array(descr->num_stage,
+ sizeof(struct ia_css_frame_info),
+ GFP_KERNEL);
if (!descr->out_info) {
err = -ENOMEM;
goto ERR;
}
- descr->vf_info = kmalloc(descr->num_stage *
- sizeof(struct ia_css_frame_info),
- GFP_KERNEL);
+ descr->vf_info = kmalloc_array(descr->num_stage,
+ sizeof(struct ia_css_frame_info),
+ GFP_KERNEL);
if (!descr->vf_info) {
err = -ENOMEM;
goto ERR;
}
- descr->is_output_stage = kmalloc(descr->num_stage * sizeof(bool),
- GFP_KERNEL);
+ descr->is_output_stage = kmalloc_array(descr->num_stage,
+ sizeof(bool),
+ GFP_KERNEL);
if (!descr->is_output_stage) {
err = -ENOMEM;
goto ERR;
@@ -5977,29 +5978,30 @@ ia_css_pipe_create_cas_scaler_desc(struct ia_css_pipe *pipe,
err = -ENOMEM;
goto ERR;
}
- descr->internal_out_info = kmalloc(descr->num_stage *
- sizeof(struct ia_css_frame_info),
- GFP_KERNEL);
+ descr->internal_out_info = kmalloc_array(descr->num_stage,
+ sizeof(struct ia_css_frame_info),
+ GFP_KERNEL);
if (!descr->internal_out_info) {
err = -ENOMEM;
goto ERR;
}
- descr->out_info = kmalloc(descr->num_stage *
- sizeof(struct ia_css_frame_info),
- GFP_KERNEL);
+ descr->out_info = kmalloc_array(descr->num_stage,
+ sizeof(struct ia_css_frame_info),
+ GFP_KERNEL);
if (!descr->out_info) {
err = -ENOMEM;
goto ERR;
}
- descr->vf_info = kmalloc(descr->num_stage *
- sizeof(struct ia_css_frame_info),
- GFP_KERNEL);
+ descr->vf_info = kmalloc_array(descr->num_stage,
+ sizeof(struct ia_css_frame_info),
+ GFP_KERNEL);
if (!descr->vf_info) {
err = -ENOMEM;
goto ERR;
}
- descr->is_output_stage = kmalloc(descr->num_stage * sizeof(bool),
- GFP_KERNEL);
+ descr->is_output_stage = kmalloc_array(descr->num_stage,
+ sizeof(bool),
+ GFP_KERNEL);
if (!descr->is_output_stage) {
err = -ENOMEM;
goto ERR;
--
2.34.1On Sun, Aug 17, 2025 at 05:29:39PM +0800, Qianfeng Rong wrote: > Replace kmalloc(count * sizeof) with kmalloc_array() for safer memory > allocation and overflow prevention. ... > - descr->in_info = kmalloc(descr->num_stage * > - sizeof(struct ia_css_frame_info), > - GFP_KERNEL); > + descr->in_info = kmalloc_array(descr->num_stage, > + sizeof(struct ia_css_frame_info), > + GFP_KERNEL); At the same time it would be nice to use sizeof(*...) variants instead of using type-based. -- With Best Regards, Andy Shevchenko
在 2025/8/20 23:05, Andy Shevchenko 写道: > On Sun, Aug 17, 2025 at 05:29:39PM +0800, Qianfeng Rong wrote: >> Replace kmalloc(count * sizeof) with kmalloc_array() for safer memory >> allocation and overflow prevention. > ... > >> - descr->in_info = kmalloc(descr->num_stage * >> - sizeof(struct ia_css_frame_info), >> - GFP_KERNEL); >> + descr->in_info = kmalloc_array(descr->num_stage, >> + sizeof(struct ia_css_frame_info), >> + GFP_KERNEL); > At the same time it would be nice to use sizeof(*...) variants instead of using > type-based. I prefer sizeof(type), but using sizeof(*ptr) here shortens the line and is indeed better. Best regards, Qianfeng
On Thu, Aug 21, 2025 at 6:27 AM Qianfeng Rong <rongqianfeng@vivo.com> wrote: > 在 2025/8/20 23:05, Andy Shevchenko 写道: > > On Sun, Aug 17, 2025 at 05:29:39PM +0800, Qianfeng Rong wrote: ... > >> - descr->in_info = kmalloc(descr->num_stage * > >> - sizeof(struct ia_css_frame_info), > >> - GFP_KERNEL); > >> + descr->in_info = kmalloc_array(descr->num_stage, > >> + sizeof(struct ia_css_frame_info), > >> + GFP_KERNEL); > > At the same time it would be nice to use sizeof(*...) variants instead of using > > type-based. > I prefer sizeof(type), Preference for sizeof(*...) is for a reason, and main one is the robustness against type changes. The shortened line is a bonus. > but using sizeof(*ptr) here shortens the line and > is indeed better. -- With Best Regards, Andy Shevchenko
在 2025/8/21 12:39, Andy Shevchenko 写道: > On Thu, Aug 21, 2025 at 6:27 AM Qianfeng Rong <rongqianfeng@vivo.com> wrote: >> 在 2025/8/20 23:05, Andy Shevchenko 写道: >>> On Sun, Aug 17, 2025 at 05:29:39PM +0800, Qianfeng Rong wrote: > ... > >>>> - descr->in_info = kmalloc(descr->num_stage * >>>> - sizeof(struct ia_css_frame_info), >>>> - GFP_KERNEL); >>>> + descr->in_info = kmalloc_array(descr->num_stage, >>>> + sizeof(struct ia_css_frame_info), >>>> + GFP_KERNEL); >>> At the same time it would be nice to use sizeof(*...) variants instead of using >>> type-based. >> I prefer sizeof(type), > Preference for sizeof(*...) is for a reason, and main one is the > robustness against type changes. The shortened line is a bonus. After checking some references, I confirm that what you said is correct. I will send version 2. Thank you very much. > >> but using sizeof(*ptr) here shortens the line and >> is indeed better. >> Best regards, Qianfeng
© 2016 - 2025 Red Hat, Inc.