On Fri, Jun 23, 2023 at 11:14:39PM +0200, Julia Lawall wrote:
> Use array_size to protect against multiplication overflows.
>
> The changes were done using the following Coccinelle semantic patch:
>
> // <smpl>
> @@
> expression E1, E2;
> constant C1, C2;
> identifier alloc = {vmalloc,vzalloc};
> @@
>
> (
> alloc(C1 * C2,...)
> |
> alloc(
> - (E1) * (E2)
> + array_size(E1, E2)
> ,...)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@xxxxxxxx>
>
> ---
> drivers/virtio/virtio_mem.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
can't hurt I guess.
Acked-by: Michael S. Tsirkin <mst@xxxxxxxxxx>
> diff --git a/drivers/virtio/virtio_mem.c b/drivers/virtio/virtio_mem.c
> index 835f6cc2fb66..a4dfe7aab288 100644
> --- a/drivers/virtio/virtio_mem.c
> +++ b/drivers/virtio/virtio_mem.c
> @@ -399,7 +399,7 @@ static int virtio_mem_bbm_bb_states_prepare_next_bb(struct virtio_mem *vm)
> if (vm->bbm.bb_states && old_pages == new_pages)
> return 0;
>
> - new_array = vzalloc(new_pages * PAGE_SIZE);
> + new_array = vzalloc(array_size(new_pages, PAGE_SIZE));
> if (!new_array)
> return -ENOMEM;
>
> @@ -465,7 +465,7 @@ static int virtio_mem_sbm_mb_states_prepare_next_mb(struct virtio_mem *vm)
> if (vm->sbm.mb_states && old_pages == new_pages)
> return 0;
>
> - new_array = vzalloc(new_pages * PAGE_SIZE);
> + new_array = vzalloc(array_size(new_pages, PAGE_SIZE));
> if (!new_array)
> return -ENOMEM;
>
> @@ -588,7 +588,7 @@ static int virtio_mem_sbm_sb_states_prepare_next_mb(struct virtio_mem *vm)
> if (vm->sbm.sb_states && old_pages == new_pages)
> return 0;
>
> - new_bitmap = vzalloc(new_pages * PAGE_SIZE);
> + new_bitmap = vzalloc(array_size(new_pages, PAGE_SIZE));
> if (!new_bitmap)
> return -ENOMEM;
>
