From: Julia Lawall Date: Sat, 22 May 2010 08:26:22 +0000 (+0200) Subject: USB: gadget: Use memdup_user X-Git-Tag: firefly_0821_release~9833^2~1028^2~138 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=be8a058b50a90282d32aa638720195e1c327c569;p=firefly-linux-kernel-4.4.55.git USB: gadget: Use memdup_user Use memdup_user when user data is immediately copied into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // @@ expression from,to,size,flag; position p; identifier l1,l2; @@ - to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( - to==NULL + IS_ERR(to) || ...) { <+... when != goto l1; - -ENOMEM + PTR_ERR(to) ...+> } - if (copy_from_user(to, from, size) != 0) { - <+... when != goto l2; - -EFAULT - ...+> - } // Signed-off-by: Julia Lawall Signed-off-by: Greg Kroah-Hartman --- diff --git a/drivers/usb/gadget/inode.c b/drivers/usb/gadget/inode.c index de8a83803505..63fc171c0ed9 100644 --- a/drivers/usb/gadget/inode.c +++ b/drivers/usb/gadget/inode.c @@ -1867,13 +1867,9 @@ dev_config (struct file *fd, const char __user *buf, size_t len, loff_t *ptr) buf += 4; length -= 4; - kbuf = kmalloc (length, GFP_KERNEL); - if (!kbuf) - return -ENOMEM; - if (copy_from_user (kbuf, buf, length)) { - kfree (kbuf); - return -EFAULT; - } + kbuf = memdup_user(buf, length); + if (IS_ERR(kbuf)) + return PTR_ERR(kbuf); spin_lock_irq (&dev->lock); value = -EINVAL;