From: Gopi Krishna Menon Date: Thu, 18 Sep 2025 18:44:14 +0000 (+0530) Subject: mtd: cfi: use struct_size() helper for cfiq allocation X-Git-Tag: v6.18-rc1~78^2~11 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d496b6f42eb0455caf5d8cb30cf1f01b7fc2a747;p=thirdparty%2Fkernel%2Fstable.git mtd: cfi: use struct_size() helper for cfiq allocation Documentation/process/deprecated.rst recommends against performing dynamic size calculations in the arguments of memory allocator function due to the risk of overflow. Such calculations can wrap around and result in a smaller allocation than what the caller was expecting. Replace the size calculation in cfiq allocation with struct_size() helper to make the code clearer and handle the overflows correctly. Signed-off-by: Gopi Krishna Menon Reviewed-by: Vignesh Raghavendra link: https://lore.kernel.org/linux-kernel-mentees/20250922071137.900508-1-rk0006818@gmail.com/T/#u Signed-off-by: Miquel Raynal --- diff --git a/drivers/mtd/chips/cfi_probe.c b/drivers/mtd/chips/cfi_probe.c index a04b6174181c4..e254f9cd27968 100644 --- a/drivers/mtd/chips/cfi_probe.c +++ b/drivers/mtd/chips/cfi_probe.c @@ -208,7 +208,7 @@ static int __xipram cfi_chip_setup(struct map_info *map, if (!num_erase_regions) return 0; - cfi->cfiq = kmalloc(sizeof(struct cfi_ident) + num_erase_regions * 4, GFP_KERNEL); + cfi->cfiq = kmalloc(struct_size(cfi->cfiq, EraseRegionInfo, num_erase_regions), GFP_KERNEL); if (!cfi->cfiq) return 0;
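Review bot: the commit message should state whether the allocation size is unchanged. In the kmalloc() line of the cfi_chip_setup() hunk, the old code hard-coded 4 bytes per erase region (`num_erase_regions * 4`), while `struct_size(cfi->cfiq, EraseRegionInfo, num_erase_regions)` derives the element size from the declared type of `EraseRegionInfo`, which this hunk does not show. Please confirm that `EraseRegionInfo` is a flexible array member with 4-byte elements, and add a "no functional change" line if so. If the element type is not 4 bytes wide, the patch changes the size of the buffer, and that should be explained. On the overflow path, struct_size() saturates to SIZE_MAX, so kmalloc() fails and the existing `if (!cfi->cfiq) return 0;` check covers it. No extra check is needed there.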