[NET]: Validate socket filters against BPF_MAXINSNS in one spot.
Currently the checks are scattered all over and this leads to inconsistencies and even cases where the check is not made. Based upon a patch from Kris Katterjohn. Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Родитель
6732badee0
Коммит
1b93ae64ca
|
@ -524,9 +524,6 @@ static int get_filter(void __user *arg, struct sock_filter **p)
|
|||
if (copy_from_user(&uprog, arg, sizeof(uprog)))
|
||||
return -EFAULT;
|
||||
|
||||
if (uprog.len > BPF_MAXINSNS)
|
||||
return -EINVAL;
|
||||
|
||||
if (!uprog.len) {
|
||||
*p = NULL;
|
||||
return 0;
|
||||
|
|
|
@ -293,7 +293,7 @@ int sk_chk_filter(struct sock_filter *filter, int flen)
|
|||
struct sock_filter *ftest;
|
||||
int pc;
|
||||
|
||||
if (((unsigned int)flen >= (~0U / sizeof(struct sock_filter))) || flen == 0)
|
||||
if (flen == 0 || flen > BPF_MAXINSNS)
|
||||
return -EINVAL;
|
||||
|
||||
/* check the filter code now */
|
||||
|
@ -360,7 +360,7 @@ int sk_attach_filter(struct sock_fprog *fprog, struct sock *sk)
|
|||
int err;
|
||||
|
||||
/* Make sure new filter is there and in the right amounts. */
|
||||
if (fprog->filter == NULL || fprog->len > BPF_MAXINSNS)
|
||||
if (fprog->filter == NULL)
|
||||
return -EINVAL;
|
||||
|
||||
fp = sock_kmalloc(sk, fsize+sizeof(*fp), GFP_KERNEL);
|
||||
|
|
Загрузка…
Ссылка в новой задаче