Commit b11597b7 authored by Xi Wang's avatar Xi Wang Committed by Ben Hutchings

introduce SIZE_MAX

commit a3860c1c upstream.

ULONG_MAX is often used to check for integer overflow when calculating
allocation size.  While ULONG_MAX happens to work on most systems, there
is no guarantee that `size_t' must be the same size as `long'.

This patch introduces SIZE_MAX, the maximum value of `size_t', to improve
portability and readability for allocation size validation.
Signed-off-by: default avatarXi Wang <xi.wang@gmail.com>
Acked-by: default avatarAlex Elder <elder@dreamhost.com>
Cc: David Airlie <airlied@linux.ie>
Cc: Pekka Enberg <penberg@kernel.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
parent ce4ded58
...@@ -331,7 +331,7 @@ static int build_snap_context(struct ceph_snap_realm *realm) ...@@ -331,7 +331,7 @@ static int build_snap_context(struct ceph_snap_realm *realm)
/* alloc new snap context */ /* alloc new snap context */
err = -ENOMEM; err = -ENOMEM;
if (num > (ULONG_MAX - sizeof(*snapc)) / sizeof(u64)) if (num > (SIZE_MAX - sizeof(*snapc)) / sizeof(u64))
goto fail; goto fail;
snapc = kzalloc(sizeof(*snapc) + num*sizeof(u64), GFP_NOFS); snapc = kzalloc(sizeof(*snapc) + num*sizeof(u64), GFP_NOFS);
if (!snapc) if (!snapc)
......
...@@ -31,7 +31,7 @@ ...@@ -31,7 +31,7 @@
static __inline__ void *drm_calloc_large(size_t nmemb, size_t size) static __inline__ void *drm_calloc_large(size_t nmemb, size_t size)
{ {
if (size != 0 && nmemb > ULONG_MAX / size) if (size != 0 && nmemb > SIZE_MAX / size)
return NULL; return NULL;
if (size * nmemb <= PAGE_SIZE) if (size * nmemb <= PAGE_SIZE)
...@@ -44,7 +44,7 @@ static __inline__ void *drm_calloc_large(size_t nmemb, size_t size) ...@@ -44,7 +44,7 @@ static __inline__ void *drm_calloc_large(size_t nmemb, size_t size)
/* Modeled after cairo's malloc_ab, it's like calloc but without the zeroing. */ /* Modeled after cairo's malloc_ab, it's like calloc but without the zeroing. */
static __inline__ void *drm_malloc_ab(size_t nmemb, size_t size) static __inline__ void *drm_malloc_ab(size_t nmemb, size_t size)
{ {
if (size != 0 && nmemb > ULONG_MAX / size) if (size != 0 && nmemb > SIZE_MAX / size)
return NULL; return NULL;
if (size * nmemb <= PAGE_SIZE) if (size * nmemb <= PAGE_SIZE)
......
...@@ -34,6 +34,7 @@ ...@@ -34,6 +34,7 @@
#define LLONG_MAX ((long long)(~0ULL>>1)) #define LLONG_MAX ((long long)(~0ULL>>1))
#define LLONG_MIN (-LLONG_MAX - 1) #define LLONG_MIN (-LLONG_MAX - 1)
#define ULLONG_MAX (~0ULL) #define ULLONG_MAX (~0ULL)
#define SIZE_MAX (~(size_t)0)
#define STACK_MAGIC 0xdeadbeef #define STACK_MAGIC 0xdeadbeef
......
...@@ -242,7 +242,7 @@ size_t ksize(const void *); ...@@ -242,7 +242,7 @@ size_t ksize(const void *);
*/ */
static inline void *kmalloc_array(size_t n, size_t size, gfp_t flags) static inline void *kmalloc_array(size_t n, size_t size, gfp_t flags)
{ {
if (size != 0 && n > ULONG_MAX / size) if (size != 0 && n > SIZE_MAX / size)
return NULL; return NULL;
return __kmalloc(n * size, flags); return __kmalloc(n * size, flags);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment