Use array_size to protect against multiplication overflows.
The changes were done using the following Coccinelle semantic patch:
// <smpl>
@@
expression E1, E2;
constant C1, C2;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2,...)
|
alloc(
- (E1) * (E2)
+ array_size(E1, E2)
,...)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@xxxxxxxx>
---
drivers/virtio/virtio_mem.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/virtio/virtio_mem.c b/drivers/virtio/virtio_mem.c
index 835f6cc2fb66..a4dfe7aab288 100644
--- a/drivers/virtio/virtio_mem.c
+++ b/drivers/virtio/virtio_mem.c
@@ -399,7 +399,7 @@ static int virtio_mem_bbm_bb_states_prepare_next_bb(struct virtio_mem *vm)
if (vm->bbm.bb_states && old_pages == new_pages)
return 0;
- new_array = vzalloc(new_pages * PAGE_SIZE);
+ new_array = vzalloc(array_size(new_pages, PAGE_SIZE));
if (!new_array)
return -ENOMEM;
@@ -465,7 +465,7 @@ static int virtio_mem_sbm_mb_states_prepare_next_mb(struct virtio_mem *vm)
if (vm->sbm.mb_states && old_pages == new_pages)
return 0;
- new_array = vzalloc(new_pages * PAGE_SIZE);
+ new_array = vzalloc(array_size(new_pages, PAGE_SIZE));
if (!new_array)
return -ENOMEM;
@@ -588,7 +588,7 @@ static int virtio_mem_sbm_sb_states_prepare_next_mb(struct virtio_mem *vm)
if (vm->sbm.sb_states && old_pages == new_pages)
return 0;
- new_bitmap = vzalloc(new_pages * PAGE_SIZE);
+ new_bitmap = vzalloc(array_size(new_pages, PAGE_SIZE));
if (!new_bitmap)
return -ENOMEM;
