fs/zfs: Prevent overflows when allocating memory for arrays

author Lidong Chen <lidong.chen@oracle.com>

Wed, 22 Jan 2025 07:17:03 +0000 (07:17 +0000)

committer Felix Zielcke <fzielcke@z-51.de>

Wed, 11 Jun 2025 15:42:34 +0000 (17:42 +0200)
author Lidong Chen <lidong.chen@oracle.com>
Wed, 22 Jan 2025 07:17:03 +0000 (07:17 +0000)
committer Felix Zielcke <fzielcke@z-51.de>
Wed, 11 Jun 2025 15:42:34 +0000 (17:42 +0200)
diff --git a/grub-core/fs/zfs/zfs.c b/grub-core/fs/zfs/zfs.c

index 2f303d655bc4dc47960ca84e445dc8f9ef3edd00..9ab7bf31973d99ab3a451948e033783a799bb2c2 100644 (file)
--- a/grub-core/fs/zfs/zfs.c
+++ b/grub-core/fs/zfs/zfs.c
@@ -723,8 +723,8 @@ fill_vdev_info_real (struct grub_zfs_data *data,
         {
           fill->n_children = nelm;
  
-         fill->children = grub_zalloc (fill->n_children
-                                       * sizeof (fill->children[0]));
+         fill->children = grub_calloc (fill->n_children,
+                                       sizeof (fill->children[0]));
         }
  
        for (i = 0; i < nelm; i++)
@@ -3712,8 +3712,8 @@ zfs_mount (grub_device_t dev)
  #endif
  
    data->n_devices_allocated = 16;
-  data->devices_attached = grub_malloc (sizeof (data->devices_attached[0])
-                                       * data->n_devices_allocated);
+  data->devices_attached = grub_calloc (data->n_devices_allocated,
+                                       sizeof (data->devices_attached[0]));
    data->n_devices_attached = 0;
    err = scan_disk (dev, data, 1, &inserted);
    if (err)
author	Lidong Chen <lidong.chen@oracle.com>
	Wed, 22 Jan 2025 07:17:03 +0000 (07:17 +0000)
committer	Felix Zielcke <fzielcke@z-51.de>
	Wed, 11 Jun 2025 15:42:34 +0000 (17:42 +0200)