| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Feb 2024 20:27:32 -0800 From: Stephen Boyd <sboyd@...nel.org> To: Conor Dooley <conor.dooley@...rochip.com>, Dinh Nguyen <dinguyen@...nel.org>, Erick Archer <erick.archer@....com>, Gustavo A. R. Silva <gustavoars@...nel.org>, Heiko Stuebner <heiko@...ech.de>, Michael Turquette <mturquette@...libre.com>, Nick Alcock <nick.alcock@...cle.com>, Rob Herring <robh@...nel.org>, Uwe Kleine-König <u.kleine-koenig@...gutronix.de> Cc: Erick Archer <erick.archer@....com>, linux-clk@...r.kernel.org, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH] clk: hisilicon: Use devm_kcalloc() instead of devm_kzalloc() Quoting Erick Archer (2024-01-21 06:29:46) > As noted in the "Deprecated Interfaces, Language Features, Attributes, > and Conventions" documentation [1], size calculations (especially > multiplication) should not be performed in memory allocator (or similar) > function arguments due to the risk of them overflowing. This could lead > to values wrapping around and a smaller allocation being made than the > caller was expecting. Using those allocations could lead to linear > overflows of heap memory and other misbehaviors. > > So, use the purpose specific devm_kcalloc() function instead of the > argument size * count in the devm_kzalloc() function. > > Link: https://www.kernel.org/doc/html/next/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments [1] > Link: https://github.com/KSPP/linux/issues/162 > Signed-off-by: Erick Archer <erick.archer@....com> > --- Applied to clk-next
Powered by blists - more mailing lists