diff options
| author | Gustavo A. R. Silva <gustavoars@kernel.org> | 2024-03-26 04:34:01 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-08-19 07:04:28 +0300 |
| commit | 107449cfb2176318600e4763c9d9d267b32b636a (patch) | |
| tree | fa0558e7da3192869921ff21dd1c1854b5d175c2 /include/linux | |
| parent | 63f13eb5d627e6b24b03bdc3b59516fac4e68056 (diff) | |
| download | linux-107449cfb2176318600e4763c9d9d267b32b636a.tar.xz | |
fs: Annotate struct file_handle with __counted_by() and use struct_size()
[ Upstream commit 68d6f4f3fbd9b1baae53e7cf33fb3362b5a21494 ]
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time via CONFIG_UBSAN_BOUNDS (for
array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).
While there, use struct_size() helper, instead of the open-coded
version.
[brauner@kernel.org: contains a fix by Edward for an OOB access]
Reported-by: syzbot+4139435cb1b34cf759c2@syzkaller.appspotmail.com
Signed-off-by: Edward Adam Davis <eadavis@qq.com>
Link: https://lore.kernel.org/r/tencent_A7845DD769577306D813742365E976E3A205@qq.com
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/ZgImCXTdGDTeBvSS@neat
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/fs.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h index 5ca9e859c042..43e640fb4a7f 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1036,7 +1036,7 @@ struct file_handle { __u32 handle_bytes; int handle_type; /* file identifier */ - unsigned char f_handle[]; + unsigned char f_handle[] __counted_by(handle_bytes); }; static inline struct file *get_file(struct file *f) |