net: filter: Use kcalloc/kmalloc_array to allocate arrays

Use kcalloc/kmalloc_array to make it clear we're allocating arrays. No
integer overflow can actually happen here, since len/flen is guaranteed
to be less than BPF_MAXINSNS (4096). However, this changed makes sure
we're not going to get one if BPF_MAXINSNS were ever increased.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/core/filter.c b/net/core/filter.c
index 4d13b125ef4bf284f665c8042f5bf10c2b63f31d..1dbf6462f766541a20db14a3917c9f0813e73652 100644 (file)
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -844,7 +844,7 @@ int sk_convert_filter(struct sock_filter *prog, int len,
                return -EINVAL;
 
        if (new_prog) {
-               addrs = kzalloc(len * sizeof(*addrs), GFP_KERNEL);
+               addrs = kcalloc(len, sizeof(*addrs), GFP_KERNEL);
                if (!addrs)
                        return -ENOMEM;
        }
@@ -1101,7 +1101,7 @@ static int check_load_and_stores(struct sock_filter *filter, int flen)
 
        BUILD_BUG_ON(BPF_MEMWORDS > 16);
 
-       masks = kmalloc(flen * sizeof(*masks), GFP_KERNEL);
+       masks = kmalloc_array(flen, sizeof(*masks), GFP_KERNEL);
        if (!masks)
                return -ENOMEM;