Reviewed by: Alex Markuze <amarkuze@xxxxxxxxxx> On Fri, Jun 6, 2025 at 10:05 PM Viacheslav Dubeyko <slava@xxxxxxxxxxx> wrote: > > From: Viacheslav Dubeyko <Slava.Dubeyko@xxxxxxx> > > The Coverity Scan service has detected the wrong sizeof > argument in register_session() [1]. The CID 1598909 defect > contains explanation: "The wrong sizeof value is used in > an expression or as argument to a function. The result is > an incorrect value that may cause unexpected program behaviors. > In register_session: The sizeof operator is invoked on > the wrong argument (CWE-569)". > > The patch introduces a ptr_size variable that is initialized > by sizeof(struct ceph_mds_session *). And this variable is used > instead of sizeof(void *) in the code. > > [1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1598909 > > Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@xxxxxxx> > --- > fs/ceph/mds_client.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c > index 230e0c3f341f..5181798643d7 100644 > --- a/fs/ceph/mds_client.c > +++ b/fs/ceph/mds_client.c > @@ -979,14 +979,15 @@ static struct ceph_mds_session *register_session(struct ceph_mds_client *mdsc, > if (mds >= mdsc->max_sessions) { > int newmax = 1 << get_count_order(mds + 1); > struct ceph_mds_session **sa; > + size_t ptr_size = sizeof(struct ceph_mds_session *); > > doutc(cl, "realloc to %d\n", newmax); > - sa = kcalloc(newmax, sizeof(void *), GFP_NOFS); > + sa = kcalloc(newmax, ptr_size, GFP_NOFS); > if (!sa) > goto fail_realloc; > if (mdsc->sessions) { > memcpy(sa, mdsc->sessions, > - mdsc->max_sessions * sizeof(void *)); > + mdsc->max_sessions * ptr_size); > kfree(mdsc->sessions); > } > mdsc->sessions = sa; > -- > 2.49.0 >
