Use array_size to protect against multiplication overflows.
The changes were done using the following Coccinelle semantic patch:
// <smpl>
@@
expression E1, E2;
constant C1, C2;
identifier alloc = {vmalloc,vzalloc};
@@
(
alloc(C1 * C2,...)
|
alloc(
- (E1) * (E2)
+ array_size(E1, E2)
,...)
)
// </smpl>
Signed-off-by: Julia Lawall <Julia.Lawall@xxxxxxxx>
---
drivers/iommu/tegra-gart.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/iommu/tegra-gart.c b/drivers/iommu/tegra-gart.c
index a482ff838b53..def222da83f1 100644
--- a/drivers/iommu/tegra-gart.c
+++ b/drivers/iommu/tegra-gart.c
@@ -348,8 +348,8 @@ struct gart_device *tegra_gart_probe(struct device *dev, struct tegra_mc *mc)
if (err)
goto remove_sysfs;
- gart->savedata = vmalloc(resource_size(res) / GART_PAGE_SIZE *
- sizeof(u32));
+ gart->savedata = vmalloc(array_size(resource_size(res) / GART_PAGE_SIZE,
+ sizeof(u32)));
if (!gart->savedata) {
err = -ENOMEM;
goto unregister_iommu;
