projects
/
linux-2.6-block.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
1a437d3
)
bpf: Use kmemdup_array instead of kmemdup for multiple allocation
author
Yu Jiaoliang
<yujiaoliang@vivo.com>
Wed, 21 Aug 2024 07:37:08 +0000
(15:37 +0800)
committer
Daniel Borkmann
<daniel@iogearbox.net>
Thu, 22 Aug 2024 12:28:24 +0000
(14:28 +0200)
Let the kmemdup_array() take care about multiplication and possible
overflows.
Signed-off-by: Yu Jiaoliang <yujiaoliang@vivo.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link:
https://lore.kernel.org/bpf/20240821073709.4067177-1-yujiaoliang@vivo.com
net/core/filter.c
patch
|
blob
|
blame
|
history
diff --git
a/net/core/filter.c
b/net/core/filter.c
index 78a6f746ea0ba045773a11d07645e6c4140fee04..ecf2ddf633bfc5f19b63cb87af05da97ca79b896 100644
(file)
--- a/
net/core/filter.c
+++ b/
net/core/filter.c
@@
-1265,8
+1265,8
@@
static struct bpf_prog *bpf_migrate_filter(struct bpf_prog *fp)
* so we need to keep the user BPF around until the 2nd
* pass. At this time, the user BPF is stored in fp->insns.
*/
- old_prog = kmemdup
(fp->insns, old_len *
sizeof(struct sock_filter),
- GFP_KERNEL | __GFP_NOWARN);
+ old_prog = kmemdup
_array(fp->insns, old_len,
sizeof(struct sock_filter),
+
GFP_KERNEL | __GFP_NOWARN);
if (!old_prog) {
err = -ENOMEM;
goto out_err;