ecryptfs: Annotate struct ecryptfs_message with __counted_by

Add the __counted_by() compiler attribute to the flexible array member 'data' to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> Acked-by: Tyler Hicks <code@tyhicks.com> Link: https://patch.msgid.link/20260112115314.739612-2-thorsten.blum@linux.dev Signed-off-by: Kees Cook <kees@kernel.org>
2026-04-04 20:32:27 -04:00 · 2026-01-12 12:53:11 +01:00
parent 7583873c31
commit cc34c669ab
1 changed files with 1 additions and 1 deletions
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -359,7 +359,7 @@ struct ecryptfs_message {
 	/* Inherits from msg_ctx->index */
 	u32 index;
 	u32 data_len;
-	u8 data[];
+	u8 data[] __counted_by(data_len);
 };

 struct ecryptfs_msg_ctx {