Re: [PATCH v3] wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set

[Kalle Valo]

Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> struct mwifiex_ie_types_chan_list_param_set::chan_scan_param is treated
> as a flexible array, so convert it into one so that it doesn't trip
> the array bounds sanitizer[1]. Only a few places were using sizeof()
> on the whole struct, so adjust those to follow the calculation pattern
> to avoid including the trailing single element.
> 
> Examining binary output differences doesn't appear to show any literal
> size values changing, though it is obfuscated a bit by the compiler
> adjusting register usage and stack spill slots, etc.
> 
> Link: https://github.com/KSPP/linux/issues/51 [1]
> Cc: Brian Norris <briannorris@xxxxxxxxxxxx>
> Cc: Kalle Valo <kvalo@xxxxxxxxxx>
> Cc: Dmitry Antipov <dmantipov@xxxxxxxxx>
> Cc: Johannes Berg <johannes.berg@xxxxxxxxx>
> Cc: zuoqilin <zuoqilin@xxxxxxxxxx>
> Cc: Ruan Jinjie <ruanjinjie@xxxxxxxxxx>
> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Cc: Christophe JAILLET <christophe.jaillet@xxxxxxxxxx>
> Cc: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
> Cc: linux-wireless@xxxxxxxxxxxxxxx
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Reviewed-by: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>

Patch applied to wireless-next.git, thanks.

14ddc470ba22 wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set

-- 
https://patchwork.kernel.org/project/linux-wireless/patch/20240207103024.make.423-kees@xxxxxxxxxx/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches