[SCSI] nsp_cs: fix buf overflow

In nsp_cs_config there is a wrong struct nsp_cs_configdata allocation.
It allocates only sizeof(pointer to nsp_cs_configdata) for a whole
structure. Add a dereference to the sizeof to allocate
sizeof(nsp_cs_configdata).

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>

diff --git a/drivers/scsi/pcmcia/nsp_cs.c b/drivers/scsi/pcmcia/nsp_cs.c
index 70b60ad..e32c344 100644 (file)
--- a/drivers/scsi/pcmcia/nsp_cs.c
+++ b/drivers/scsi/pcmcia/nsp_cs.c
@@ -1713,7 +1713,7 @@ static int nsp_cs_config(struct pcmcia_device *link)
 
        nsp_dbg(NSP_DEBUG_INIT, "in");
 
-       cfg_mem = kzalloc(sizeof(cfg_mem), GFP_KERNEL);
+       cfg_mem = kzalloc(sizeof(*cfg_mem), GFP_KERNEL);
        if (!cfg_mem)
                return -ENOMEM;
        cfg_mem->data = data;