From 41bb668315331e133fafe90d333a3806a777cf49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20L=C3=B3pez?= Date: Thu, 1 Aug 2024 14:48:11 +0200 Subject: [PATCH] lib: sbi: fwft: fix incorrect size passed to sbi_zalloc() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The fwt_hart_state struct includes a flexible array member, so its allocation size will be that of the struct itself, plus that of each of the members in the array. When calculating this size, instead of taking the size of the struct, the size of a pointer to it was taken, which is incorrect. Luckily, this happened to not produce memory corruption because the size of the non-flexible members of the struct is the same as the size of a pointer. Signed-off-by: Carlos López Reviewed-by: Anup Patel --- lib/sbi/sbi_fwft.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/sbi/sbi_fwft.c b/lib/sbi/sbi_fwft.c index f1ae9159..ef881ef5 100644 --- a/lib/sbi/sbi_fwft.c +++ b/lib/sbi/sbi_fwft.c @@ -251,7 +251,7 @@ int sbi_fwft_init(struct sbi_scratch *scratch, bool cold_boot) fhs = fwft_get_hart_state_ptr(scratch); if (!fhs) { - fhs = sbi_zalloc(sizeof(fhs) + array_size(features) * sizeof(struct fwft_config)); + fhs = sbi_zalloc(sizeof(*fhs) + array_size(features) * sizeof(struct fwft_config)); if (!fhs) return SBI_ENOMEM;
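Review bot: In the sbi_zalloc() call in sbi_fwft_init(), only the header term is now derived from fhs; the element term is still spelled out as sizeof(struct fwft_config), so the allocation can drift from the struct definition again if the flexible array's element type ever changes. Consider deriving the element size from the flexible array member of *fhs as well, or moving the whole "header plus N elements" computation into one helper next to the struct definition, so every allocation of this struct uses the same expression. The commit message notes the old sizeof(fhs) was harmless only because the fixed members happen to be pointer-sized; since that coincidence depends on the struct layout, it is also worth checking the file for other sizeof() uses on a pointer variable where the pointed-to type was intended.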