@@ -739,19 +739,11 @@ static int stm_char_policy_set_ioctl(struct stm_file *stmf, void __user *arg)
if (size < sizeof(*id) || size >= PATH_MAX + sizeof(*id))
return -EINVAL;
- /*
- * size + 1 to make sure the .id string at the bottom is terminated,
- * which is also why memdup_user() is not useful here
- */
- id = kzalloc(size + 1, GFP_KERNEL);
+ /* Make sure the .id string at the bottom is nul terminated. */
+ id = memdup_user_nul(arg, size);
if (!id)
return -ENOMEM;
- if (copy_from_user(id, arg, size)) {
- ret = -EFAULT;
- goto err_free;
- }
-
if (id->__reserved_0 || id->__reserved_1)
goto err_free;
Instead of hand-writing kzalloc(size+1) + copy_from_user(size), use memdup_user_nul() that does the same with a few less lines of code. This also saves a useless zeroing of the allocated memory. Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> --- drivers/hwtracing/stm/core.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-)