[NET]: Reject socket filter if division by constant zero is attempted.
This way we don't have to check it in sk_run_filter(). Signed-off-by: Kris Katterjohn <kjak@users.sourceforge.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
aa8751667d
commit
fb0d366b08
1 changed files with 4 additions and 2 deletions
|
@ -116,8 +116,6 @@ int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen)
|
|||
A /= X;
|
||||
continue;
|
||||
case BPF_ALU|BPF_DIV|BPF_K:
|
||||
if (fentry->k == 0)
|
||||
return 0;
|
||||
A /= fentry->k;
|
||||
continue;
|
||||
case BPF_ALU|BPF_AND|BPF_X:
|
||||
|
@ -320,6 +318,10 @@ int sk_chk_filter(struct sock_filter *filter, int flen)
|
|||
}
|
||||
}
|
||||
|
||||
/* check for division by zero -Kris Katterjohn 2005-10-30 */
|
||||
if (ftest->code == (BPF_ALU|BPF_DIV|BPF_K) && ftest->k == 0)
|
||||
return -EINVAL;
|
||||
|
||||
/* check that memory operations use valid addresses. */
|
||||
if (ftest->k >= BPF_MEMWORDS) {
|
||||
/* but it might not be a memory operation... */
|
||||
|
|
Loading…
Reference in a new issue