Add the __counted_by compiler attribute to the flexible array member cands to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Increment cnt before adding a new struct to the cands array.
Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxxx>
---
 kernel/bpf/btf.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
index 520f49f422fe..42bc70a56fcd 100644
--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -7240,7 +7240,7 @@ struct bpf_cand_cache {
 struct {
 const struct btf *btf;
 u32 id;
- } cands[];
+ } cands[] __counted_by(cnt);
 };

 static DEFINE_MUTEX(cand_cache_mutex);
@@ -8784,9 +8784,9 @@ bpf_core_add_cands(struct bpf_cand_cache *cands, const struct btf *targ_btf,
 memcpy(new_cands, cands, sizeof_cands(cands->cnt));
 bpf_free_cands(cands);
 cands = new_cands;
- cands->cands[cands->cnt].btf = targ_btf;
- cands->cands[cands->cnt].id = i;
 cands->cnt++;
+ cands->cands[cands->cnt - 1].btf = targ_btf;
+ cands->cands[cands->cnt - 1].id = i;
 }
 return cands;
 }
--
2.46.0
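Review bot: The `__counted_by(cnt)` annotation on `cands[]` makes `cnt` the bound that CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE check against, but nothing at the declaration records that `cnt` must now be updated before a new element is touched. A one-line comment above the member would state that invariant where every future writer sees it, for example `/* cnt must cover an element before cands[] is indexed; bounds checks use it */`. The struct's opening and the declaration of `cnt` lie outside this hunk, so any other code in btf.c that fills or shrinks `cands[]` is not visible here. Those sites presumably need the same ordering review as `bpf_core_add_cands`.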
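Review bot: The reordering in `bpf_core_add_cands` is what keeps the new slot inside the annotated bound, yet in the code it reads like an arbitrary shuffle with a slightly awkward `cands->cnt - 1` index. A later cleanup that moves `cands->cnt++` back below the two stores would index `cands[cnt]` again, which the bounds instrumentation is meant to reject. I would add `/* bump cnt first: cands[] is __counted_by(cnt), so the new slot must be in bounds */` directly above `cands->cnt++;`. This relies on the preceding `memcpy` having carried the old `cnt` into `new_cands`, which appears to be the case since it copies `sizeof_cands(cands->cnt)` bytes from the start of the old cache. The allocation of `new_cands` and the start of the function are outside the hunk, so that should be confirmed there.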