Drivers: hv: vmbus: Use struct_size() helper in kmalloc()

Make use of the struct_size() helper instead of an open-coded version,
in order to avoid any potential type mistakes or integer overflows that,
in the worst scenario, could lead to heap overflows.

Also, address the following sparse warnings:
drivers/hv/vmbus_drv.c:1132:31: warning: using sizeof on a flexible structure

Link: https://github.com/KSPP/linux/issues/174
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Reviewed-by: Michael Kelley <mikelley@microsoft.com>
Link: https://lore.kernel.org/r/20220125180131.GA67746@embeddedor
Signed-off-by: Wei Liu <wei.liu@kernel.org>

diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c
index 17bf55fe316976e3e6eaa34d5fa6161e916f41c6..cd193456cd84b0641db582b7074f304e56231fdf 100644 (file)
--- a/drivers/hv/vmbus_drv.c
+++ b/drivers/hv/vmbus_drv.c
@@ -1129,7 +1129,7 @@ void vmbus_on_msg_dpc(unsigned long data)
        }
 
        if (entry->handler_type == VMHT_BLOCKING) {
-               ctx = kmalloc(sizeof(*ctx) + payload_size, GFP_ATOMIC);
+               ctx = kmalloc(struct_size(ctx, msg.payload, payload_size), GFP_ATOMIC);
                if (ctx == NULL)
                        return;