From: Julia Lawall Date: Fri, 4 Jun 2010 23:11:17 +0000 (-0700) Subject: drivers/ide: Use memdup_user X-Git-Tag: firefly_0821_release~9833^2~492^2~2 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=7d543d8468348c44010c7b4e6fdd23a398779668;p=firefly-linux-kernel-4.4.55.git drivers/ide: Use memdup_user Use memdup_user when user data is immediately copied into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; position p; identifier l1,l2; @@ - to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( - to==NULL + IS_ERR(to) || ...) { <+... when != goto l1; - -ENOMEM + PTR_ERR(to) ...+> } - if (copy_from_user(to, from, size) != 0) { - <+... when != goto l2; - -EFAULT - ...+> - } // Signed-off-by: Julia Lawall Signed-off-by: David S. Miller --- diff --git a/drivers/ide/ide-taskfile.c b/drivers/ide/ide-taskfile.c index 67fb73559fd5..34b9872f35d1 100644 --- a/drivers/ide/ide-taskfile.c +++ b/drivers/ide/ide-taskfile.c @@ -480,13 +480,9 @@ int ide_taskfile_ioctl(ide_drive_t *drive, unsigned long arg) u16 nsect = 0; char __user *buf = (char __user *)arg; - req_task = kzalloc(tasksize, GFP_KERNEL); - if (req_task == NULL) - return -ENOMEM; - if (copy_from_user(req_task, buf, tasksize)) { - kfree(req_task); - return -EFAULT; - } + req_task = memdup_user(buf, tasksize); + if (IS_ERR(req_task)) + return PTR_ERR(req_task); taskout = req_task->out_size; taskin = req_task->in_size;