From: Jiri Slaby Date: Sat, 8 Aug 2009 09:36:06 +0000 (+0200) Subject: [SCSI] nsp_cs: fix buf overflow X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=edced191e4512b7795380563634f4d44b21c684a;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git [SCSI] nsp_cs: fix buf overflow In nsp_cs_config there is a wrong struct nsp_cs_configdata allocation. It allocates only sizeof(pointer to nsp_cs_configdata) for a whole structure. Add a dereference to the sizeof to allocate sizeof(nsp_cs_configdata). Signed-off-by: Jiri Slaby Signed-off-by: James Bottomley --- diff --git a/drivers/scsi/pcmcia/nsp_cs.c b/drivers/scsi/pcmcia/nsp_cs.c index 70b60ade049e..e32c344d7ad8 100644 --- a/drivers/scsi/pcmcia/nsp_cs.c +++ b/drivers/scsi/pcmcia/nsp_cs.c @@ -1713,7 +1713,7 @@ static int nsp_cs_config(struct pcmcia_device *link) nsp_dbg(NSP_DEBUG_INIT, "in"); - cfg_mem = kzalloc(sizeof(cfg_mem), GFP_KERNEL); + cfg_mem = kzalloc(sizeof(*cfg_mem), GFP_KERNEL); if (!cfg_mem) return -ENOMEM; cfg_mem->data = data;