    [PATCH] kmemdup: introduce · 1a2f67b4
    Alexey Dobriyan authored
    One of the idiomatic ways to duplicate a region of memory is
    
    	dst = kmalloc(len, GFP_KERNEL);
    	if (!dst)
    		return -ENOMEM;
    	memcpy(dst, src, len);
    
    which is neat code except a programmer needs to write size twice.  Which
    sometimes leads to mistakes.  If len passed to kmalloc is smaller than len
    passed to memcpy, it's straight overwrite-beyond-end.  If len passed to
    memcpy is smaller than len passed to kmalloc, it's either a) legit
    behaviour ;-), or b) cloned buffer will contain garbage in second half.
    
    Slight trolling of commit lists shows several duplication bugs
    done exactly because of diverged lengths:
    
    	Linux:
    		[CRYPTO]: Fix memcpy/memset args.
    		[PATCH] memcpy/memset fixes
    	OpenBSD:
    		kerberosV/src/lib/asn1: der_copy.c:1.4
    
    If a programmer is given only one place to play with lengths, I believe, such
    mistakes could be avoided.
    
    With kmemdup, the snippet above will be rewritten as:
    
    	dst = kmemdup(src, len, GFP_KERNEL);
    	if (!dst)
    		return -ENOMEM;
    
    This also leads to smaller code (kzalloc effect). Quick grep shows
    200+ places where kmemdup() can be used.

    Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
util.c 1.68 KB
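
An added userspace illustration of the two-length problem the commit message describes; it is not part of the commit or of the kernel source. `memdup_one_len`, `dup_two_lens`, `stale_bytes`, `demo_short_copy`, `struct session_key` and `POISON` are names made up for this example, `malloc` stands in for `kmalloc`, and the overrun case is reported as NULL rather than executed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define POISON 0xA5 /* constructed: stands in for uninitialised heap bytes */
struct session_key { unsigned char id[4], material[32]; }; /* constructed */

/* Userspace analogue of kmemdup(): one length drives allocation and copy. */
void *memdup_one_len(const void *src, size_t len)
{
	void *dst = malloc(len);
	return dst ? memcpy(dst, src, len) : NULL;
}

/* Open-coded idiom, lengths written twice; an overrun is refused (NULL). */
void *dup_two_lens(const void *src, size_t alloc_len, size_t copy_len)
{
	unsigned char *dst = copy_len > alloc_len ? NULL : malloc(alloc_len);
	if (dst) {
		memset(dst, POISON, alloc_len);
		memcpy(dst, src, copy_len);
	}
	return dst;
}

/* Bytes of the clone that differ from the source key; -1 if no clone. */
long stale_bytes(const struct session_key *src, void *clone)
{
	const unsigned char *a = (const void *)src, *b = clone;
	long n = clone ? 0 : -1;
	for (size_t i = 0; clone && i < sizeof(*src); i++)
		n += a[i] != b[i];
	free(clone);
	return n;
}

/* A typical divergence: sizeof(p) written where sizeof(*p) was meant. */
long demo_short_copy(const struct session_key *p)
{
	return stale_bytes(p, dup_two_lens(p, sizeof(*p), sizeof(p)));
}

int main(void)
{
	struct session_key k;
	memset(&k, 0x11, sizeof(k)); /* constructed key material */
	printf("two lengths: %ld stale bytes\n", demo_short_copy(&k));
	printf("one length:  %ld stale bytes\n",
	       stale_bytes(&k, memdup_one_len(&k, sizeof(k))));
	return 0;
}
```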