On Wed, Jan 26, 2022 at 01:54:04PM +0300, Dan Carpenter wrote:
On Mon, Jan 24, 2022 at 12:19:03PM -0800, Kees Cook wrote:
This could still overflow if struct_size() returns SIZE_MAX. Perhaps:
	if (check_add_overflow(struct_size(request, ops, msg_count),
			       data_out_size, &request_size))
		request_size = SIZE_MAX;
I should brush off the saturating arithmetic helpers series: https://lore.kernel.org/all/20210920180853.1825195-1-keescook@chromium.org/
Yes, please! Those seem like a million times easier to use.
Here they are! :) Please review:
https://lore.kernel.org/lkml/20220124232342.3113350-1-keescook@chromium.org/
Thanks!