From: Gustavo A. R. Silva <gustavoars@kernel.org>
Date: Wed, 1 May 2024 18:09:30 +0000 (-0600)
Subject: Bluetooth: hci_conn: Use struct_size() in hci_le_big_create_sync()
X-Git-Tag: microblaze-v6.13~1163^2~3^2~18
X-Git-Url: http://git.monstr.eu/?a=commitdiff_plain;h=d6bb8782b4b6ec14fb6e336f7f8c6a1ccce613b1;p=linux-2.6-microblaze.git

Bluetooth: hci_conn: Use struct_size() in hci_le_big_create_sync()

Use struct_size() instead of the open-coded version. Similarly to
this other patch[1].

Link: https://lore.kernel.org/linux-hardening/ZiwwPmCvU25YzWek@neat/ [1]
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
---

diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c
index 8375f7bd58ee..fc1aeb513b08 100644
--- a/net/bluetooth/hci_conn.c
+++ b/net/bluetooth/hci_conn.c
@@ -2132,7 +2132,7 @@ int hci_le_big_create_sync(struct hci_dev *hdev, struct hci_conn *hcon,
 	memcpy(pdu->bis, bis, num_bis);
 
 	return hci_send_cmd(hdev, HCI_OP_LE_BIG_CREATE_SYNC,
-			    sizeof(*pdu) + num_bis, pdu);
+			    struct_size(pdu, bis, num_bis), pdu);
 }
 
 static void create_big_complete(struct hci_dev *hdev, void *data, int err)