On Wed, May 18, 2022 at 02:13:09PM +0800, Zhang Jianhua wrote:
> Make use of the struct_size() helper instead of an open-coded version,
> in order to avoid any potential type mistakes or integer overflows
> that, in the worst scenario, could lead to heap overflows.
>
> Also, address the following sparse warnings:
> fs/verity/enable.c:205:28: warning: using sizeof on a flexible structure
>
> Signed-off-by: Zhang Jianhua <chris.zjh@xxxxxxxxxx>
> ---
> fs/verity/enable.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/verity/enable.c b/fs/verity/enable.c
> index f75d2c010f36..075dc0aa5416 100644
> --- a/fs/verity/enable.c
> +++ b/fs/verity/enable.c
> @@ -201,7 +201,7 @@ static int enable_verity(struct file *filp,
> const struct fsverity_operations *vops = inode->i_sb->s_vop;
> struct merkle_tree_params params = { };
> struct fsverity_descriptor *desc;
> - size_t desc_size = sizeof(*desc) + arg->sig_size;
> + size_t desc_size = struct_size(desc, signature, arg->sig_size);
> struct fsverity_info *vi;
> int err;
This patch is a bit more useful than the other one, as the validation of
->sig_size happens in a different function. But it still happens. So please
don't claim that this patch is fixing a heap overflow. People use commit
messages to determine whether patches are fixing something, and how important
the fix is. So if it's a cleanup (not a bug fix), write that.
- Eric
|