nfs: Annotate struct nfs_cache_array with __counted_by()

Add the __counted_by compiler attribute to the flexible array member
array to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.

Increment size before adding a new struct to the array.

Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
Signed-off-by: Anna Schumaker <anna.schumaker@oracle.com>

diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
index 4cb97ef413504f5ffc322edf0f094d5da586ef17..492cffd9d3d845723b5f3d0eea3874b1f1773fe1 100644 (file)
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -151,7 +151,7 @@ struct nfs_cache_array {
        unsigned char folio_full : 1,
                      folio_is_eof : 1,
                      cookies_are_ordered : 1;
-       struct nfs_cache_array_entry array[];
+       struct nfs_cache_array_entry array[] __counted_by(size);
 };
 
 struct nfs_readdir_descriptor {
@@ -328,7 +328,8 @@ static int nfs_readdir_folio_array_append(struct folio *folio,
                goto out;
        }
 
-       cache_entry = &array->array[array->size];
+       array->size++;
+       cache_entry = &array->array[array->size - 1];
        cache_entry->cookie = array->last_cookie;
        cache_entry->ino = entry->ino;
        cache_entry->d_type = entry->d_type;
@@ -337,7 +338,6 @@ static int nfs_readdir_folio_array_append(struct folio *folio,
        array->last_cookie = entry->cookie;
        if (array->last_cookie <= cache_entry->cookie)
                array->cookies_are_ordered = 0;
-       array->size++;
        if (entry->eof != 0)
                nfs_readdir_array_set_eof(array);
 out: