Hi Jiri, Eric,
On Mon, May 13, 2024 at 1:07 AM Jiri Slaby <jirislaby@xxxxxxxxxx> wrote:
>
> On 12. 05. 24, 13:17, Erick Archer wrote:
> > This is an effort to get rid of all multiplications from allocation
> > functions in order to prevent integer overflows [1][2].
> >
> > As the "dl" variable is a pointer to "struct rfcomm_dev_list_req" and
> > this structure ends in a flexible array:
> ...
> > --- a/include/net/bluetooth/rfcomm.h
> > +++ b/include/net/bluetooth/rfcomm.h
> ...
> > @@ -528,12 +527,12 @@ static int rfcomm_get_dev_list(void __user *arg)
> > list_for_each_entry(dev, &rfcomm_dev_list, list) {
> > if (!tty_port_get(&dev->port))
> > continue;
> > - (di + n)->id = dev->id;
> > - (di + n)->flags = dev->flags;
> > - (di + n)->state = dev->dlc->state;
> > - (di + n)->channel = dev->channel;
> > - bacpy(&(di + n)->src, &dev->src);
> > - bacpy(&(di + n)->dst, &dev->dst);
> > + di[n].id = dev->id;
> > + di[n].flags = dev->flags;
> > + di[n].state = dev->dlc->state;
> > + di[n].channel = dev->channel;
> > + bacpy(&di[n].src, &dev->src);
> > + bacpy(&di[n].dst, &dev->dst);
>
> This does not relate much to "prefer struct_size over open coded
> arithmetic". It should have been in a separate patch.
+1, please split these changes into its own patch so we can apply it separately.
> Other than that, LGTM.
>
> thanks,
> --
> js
> suse labs
>
--
Luiz Augusto von Dentz
