From: Arjan van de Ven <arjanv@redhat.com>
To: Pekka Enberg <penberg@cs.helsinki.fi>
Cc: Chris Wright <chrisw@osdl.org>,
linux-kernel@vger.kernel.org, tiwai@suse.de
Subject: Re: [PATCH] ALSA: Remove subsystem-specific malloc (1/8)
Date: Wed, 9 Jun 2004 22:59:44 +0200 [thread overview]
Message-ID: <20040609205944.GA21150@devserv.devel.redhat.com> (raw)
In-Reply-To: <1086814663.13026.70.camel@cherry>
[-- Attachment #1: Type: text/plain, Size: 1533 bytes --]
On Wed, Jun 09, 2004 at 11:57:43PM +0300, Pekka Enberg wrote:
> On Wed, 2004-06-09 at 23:21, Arjan van de Ven wrote:
> > how about making sure n*size doesn't overflow an int in this function?
> > We had a few security holes due to that happening a while ago; might as
> > well prevent it from happening entirely
>
> Sure.
>
> Pekka
>
> diff -urN linux-2.6.6/include/linux/slab.h kcalloc-2.6.6/include/linux/slab.h
> --- linux-2.6.6/include/linux/slab.h 2004-06-09 22:56:11.874249056 +0300
> +++ kcalloc-2.6.6/include/linux/slab.h 2004-06-09 23:03:10.597593432 +0300
> @@ -95,6 +95,7 @@
> return __kmalloc(size, flags);
> }
>
> +extern void *kcalloc(size_t, size_t, int);
> extern void kfree(const void *);
> extern unsigned int ksize(const void *);
>
> diff -urN linux-2.6.6/mm/slab.c kcalloc-2.6.6/mm/slab.c
> --- linux-2.6.6/mm/slab.c 2004-06-09 22:59:13.081701336 +0300
> +++ kcalloc-2.6.6/mm/slab.c 2004-06-09 23:50:06.592497136 +0300
> @@ -2332,6 +2332,25 @@
> EXPORT_SYMBOL(kmem_cache_free);
>
> /**
> + * kcalloc - allocate memory for an array. The memory is set to zero.
> + * @n: number of elements.
> + * @size: element size.
> + * @flags: the type of memory to allocate.
> + */
> +void *kcalloc(size_t n, size_t size, int flags)
> +{
> + if (n != 0 && size > INT_MAX / n)
> + return NULL;
> +
> + void *ret = kmalloc(n * size, flags);
> + if (ret)
> + memset(ret, 0, n * size);
> + return ret;
> +}
ok I like it ;)
only question is what n==0 means, might as well short-circuit that but it's
optional
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2004-06-09 21:02 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-08 21:24 [PATCH] ALSA: Remove subsystem-specific malloc (1/8) Pekka J Enberg
2004-06-09 18:34 ` Chris Wright
2004-06-09 20:13 ` Pekka Enberg
2004-06-09 20:21 ` Arjan van de Ven
2004-06-09 20:40 ` Valdis.Kletnieks
2004-06-09 20:57 ` Chris Wright
2004-06-09 20:57 ` Pekka Enberg
2004-06-09 20:59 ` Arjan van de Ven [this message]
2004-06-09 21:07 ` Pekka Enberg
2004-06-11 10:09 ` Takashi Iwai
2004-06-11 10:43 ` Pekka J Enberg
2004-06-11 10:53 ` Pekka J Enberg
2004-06-09 21:00 ` [PATCH] " Chris Wright
2004-06-09 21:18 ` Pekka Enberg
2004-06-10 5:08 ` dean gaudet
2004-06-10 12:32 ` Dave Jones
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040609205944.GA21150@devserv.devel.redhat.com \
--to=arjanv@redhat.com \
--cc=chrisw@osdl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=penberg@cs.helsinki.fi \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.