iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6f2f49ae4c
linux/drivers/media
History
Gustavo A. R. Silva 6f2f49ae4c media: venus: hfi_msgs.h: Replace one-element arrays with flexible-array members 
There is a regular need in the kernel to provide a way to declare having
a dynamically sized set of trailing elements in a structure. Kernel code
should always use “flexible array members”[1] for these cases. The older
style of one-element or zero-length arrays should no longer be used[2].

Use flexible-array members in struct hfi_msg_sys_property_info_pkt and
hfi_msg_session_property_info_pkt instead of one-element arrays, and
refactor the code accordingly.

Also, this helps with the ongoing efforts to enable -Warray-bounds by
fixing the following warnings:

  CC [M]  drivers/media/platform/qcom/venus/hfi_msgs.o
drivers/media/platform/qcom/venus/hfi_msgs.c: In function ‘hfi_sys_property_info’:
drivers/media/platform/qcom/venus/hfi_msgs.c:246:35: warning: array subscript 1 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds]
  246 |  if (req_bytes < 128 || !pkt->data[1] || pkt->num_properties > 1)
      |                          ~~~~~~~~~^~~
drivers/media/platform/qcom/venus/hfi_msgs.c: In function ‘hfi_session_prop_info’:
drivers/media/platform/qcom/venus/hfi_msgs.c:342:62: warning: array subscript 1 is above array bounds of ‘u32[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds]
  342 |  if (!req_bytes || req_bytes % sizeof(*buf_req) || !pkt->data[1])
      |                                                     ~~~~~~~~~^~~

[1] https://en.wikipedia.org/wiki/Flexible_array_member
[2] https://www.kernel.org/doc/html/v5.9/process/deprecated.html#zero-length-and-one-element-arrays

Link: https://github.com/KSPP/linux/issues/79
Link: https://github.com/KSPP/linux/issues/109

Co-developed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Stanimir Varbanov <stanimir.varbanov@linaro.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
2021-06-17 09:42:30 +02:00
..
cec media: s5p: fix pm_runtime_get_sync() usage count 2021-05-10 11:36:33 +02:00
common media: siano: fix device register error path 2021-06-17 09:27:08 +02:00
dvb-core media: dvb-core: frontend: make GET/SET safer 2021-06-17 09:29:11 +02:00
dvb-frontends media: mxl692: make a const array static, makes object smaller 2021-06-08 15:50:38 +02:00
firewire module: remove never implemented MODULE_SUPPORTED_DEVICE 2021-03-17 13:16:18 -07:00
i2c media: tc358743: Fix error return code in tc358743_probe_of() 2021-06-02 13:31:39 +02:00
mc media: mc-request.c: allow object_bind in QUEUED state 2021-06-02 11:41:54 +02:00
mmc
pci media: saa7134: fix saa7134_initdev error handling logic 2021-06-17 09:26:42 +02:00
platform media: venus: hfi_msgs.h: Replace one-element arrays with flexible-array members 2021-06-17 09:42:30 +02:00
radio media: radio: si4713: constify static struct v4l2_ioctl_ops 2021-06-02 13:26:11 +02:00
rc media: imon: use DEVICE_ATTR_RW() helper macro 2021-06-08 15:57:51 +02:00
spi media: cxd2880-spi: Fix some error messages 2021-06-08 15:51:35 +02:00
test-drivers media: vivid: use vb2_queue_change_type 2021-06-08 12:06:55 +02:00
tuners media: m88rs6000t: avoid potential out-of-bounds reads on arrays 2021-03-22 17:41:39 +01:00
usb media: ttusb-dec: cleanup an error handling logic 2021-06-17 09:27:34 +02:00
v4l2-core media: hevc: Add decode params control 2021-06-08 16:04:27 +02:00
Kconfig media: Correct 'so' 2021-03-22 11:52:09 +01:00
Makefile