binfmt_elf: Replace offsetof() with struct_size() in fill_note_info()

When dealing with structures containing flexible arrays, struct_size() provides additional compile-time checks compared to offsetof(). This enhances code robustness and reduces the risk of potential errors. Signed-off-by: Xichao Zhao <zhao.xichao@vivo.com> Link: https://lore.kernel.org/r/20250813115058.635742-1-zhao.xichao@vivo.com Signed-off-by: Kees Cook <kees@kernel.org>
author: Xichao Zhao <zhao.xichao@vivo.com> 2025-08-13 19:50:58 +0800
committer: Kees Cook <kees@kernel.org> 2025-08-25 14:29:14 -0700
commit: a728ce8ffbd27954fdb2826dcc15a6576e574b83 (patch)
tree: 37cf31d8a9a7553a05204b419b3bcf03089f3867 /fs/binfmt_elf.c
parent: 5e088248375d171b80c643051e77ade6b97bc386 (diff)
1 files changed, 3 insertions, 5 deletions
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 264fba0d44bd..4aacf9c9cc2d 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -1845,16 +1845,14 @@ static int fill_note_info(struct elfhdr *elf, int phdrs,
 	/*
 	 * Allocate a structure for each thread.
 	 */
-	info->thread = kzalloc(offsetof(struct elf_thread_core_info,
-				     notes[info->thread_notes]),
-			    GFP_KERNEL);
+	info->thread = kzalloc(struct_size(info->thread, notes, info->thread_notes),
+			       GFP_KERNEL);
 	if (unlikely(!info->thread))
 		return 0;
 
 	info->thread->task = dump_task;
 	for (ct = dump_task->signal->core_state->dumper.next; ct; ct = ct->next) {
-		t = kzalloc(offsetof(struct elf_thread_core_info,
-				     notes[info->thread_notes]),
+		t = kzalloc(struct_size(t, notes, info->thread_notes),
 			    GFP_KERNEL);
 		if (unlikely(!t))
 			return 0;
author	Xichao Zhao <zhao.xichao@vivo.com>	2025-08-13 19:50:58 +0800
committer	Kees Cook <kees@kernel.org>	2025-08-25 14:29:14 -0700
commit	a728ce8ffbd27954fdb2826dcc15a6576e574b83 (patch)
tree	37cf31d8a9a7553a05204b419b3bcf03089f3867 /fs/binfmt_elf.c
parent	5e088248375d171b80c643051e77ade6b97bc386 (diff)