On Tue, 8 Jan 2019, Gustavo A. R. Silva wrote:
> One of the more common cases of allocation size calculations is finding
> the size of a structure that has a zero-sized array at the end, along
> with memory for some number of elements for that array. For example:
>
> struct foo {
> int stuff;
> void *entry[];
> };
>
> instance = kmalloc(sizeof(struct foo) + sizeof(void *) * count, GFP_KERNEL);
>
> Instead of leaving these open-coded and prone to type mistakes, we can
> now use the new struct_size() helper:
>
> instance = kmalloc(struct_size(instance, entry, count), GFP_KERNEL);
>
> This code was detected with the help of Coccinelle.
>
> Signed-off-by: Gustavo A. R. Silva <gustavo@xxxxxxxxxxxxxx>
> ---
> drivers/usb/core/urb.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/usb/core/urb.c b/drivers/usb/core/urb.c
> index f51750bcd152..0eab79f82ce4 100644
> --- a/drivers/usb/core/urb.c
> +++ b/drivers/usb/core/urb.c
> @@ -70,9 +70,8 @@ struct urb *usb_alloc_urb(int iso_packets, gfp_t mem_flags)
> {
> struct urb *urb;
>
> - urb = kmalloc(sizeof(struct urb) +
> - iso_packets * sizeof(struct usb_iso_packet_descriptor),
> - mem_flags);
> + urb = kmalloc(struct_size(urb, iso_frame_desc, iso_packets),
> + mem_flags);
> if (!urb)
> return NULL;
> usb_init_urb(urb);
Acked-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
