Use array_size to protect against multiplication overflows.
The changes were done using the following Coccinelle semantic patch:
// <smpl>
@@
expression E1, E2;
constant C1, C2;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2,...)
|
alloc(
- (E1) * (E2)
+ array_size(E1, E2)
,...)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@xxxxxxxx>
---
kernel/kcov.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/kcov.c b/kernel/kcov.c
index 84c717337df0..631444760644 100644
--- a/kernel/kcov.c
+++ b/kernel/kcov.c
@@ -900,7 +900,7 @@ void kcov_remote_start(u64 handle)
/* Can only happen when in_task(). */
if (!area) {
local_unlock_irqrestore(&kcov_percpu_data.lock, flags);
- area = vmalloc(size * sizeof(unsigned long));
+ area = vmalloc(array_size(size, sizeof(unsigned long)));
if (!area) {
kcov_put(kcov);
return;
