Bluetooth: hci_conn: Use struct_size() in hci_le_big_create_sync()
Notice: this object is not reachable from any branch.

Use struct_size() instead of the open-coded version. Similarly to this other patch[1]. Link: https://lore.kernel.org/linux-hardening/ZiwwPmCvU25YzWek@neat/ [1] Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Notice: this object is not reachable from any branch.
author: Gustavo A. R. Silva <gustavoars@kernel.org> 2024-05-01 12:09:30 -0600
committer: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> 2024-05-01 15:30:24 -0400
commit: 7bbc06151f362b6eda17530ed0a3a5541a8cebd1 (patch)
tree: 9a0ce0cf253d40e0618aad0b259bd26aeaff7cef
parent: f50efbe27afd41703233d6643575d936a095f40e (diff)
download: bluetooth-next-7bbc06151f362b6eda17530ed0a3a5541a8cebd1.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index d6daf55f0307d5..c508609be105f8 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -2135,7 +2135,7 @@ int hci_le_big_create_sync(struct hci_dev *hdev, struct hci_conn *hcon,
 	memcpy(pdu->bis, bis, num_bis);
 
 	return hci_send_cmd(hdev, HCI_OP_LE_BIG_CREATE_SYNC,
-			    sizeof(*pdu) + num_bis, pdu);
+			    struct_size(pdu, bis, num_bis), pdu);
 }
 
 static void create_big_complete(struct hci_dev *hdev, void *data, int err)
author	Gustavo A. R. Silva <gustavoars@kernel.org>	2024-05-01 12:09:30 -0600
committer	Luiz Augusto von Dentz <luiz.von.dentz@intel.com>	2024-05-01 15:30:24 -0400
commit	7bbc06151f362b6eda17530ed0a3a5541a8cebd1 (patch)
tree	9a0ce0cf253d40e0618aad0b259bd26aeaff7cef
parent	f50efbe27afd41703233d6643575d936a095f40e (diff)
download	bluetooth-next-7bbc06151f362b6eda17530ed0a3a5541a8cebd1.tar.gz