From: Patrick McHardy <kaber@trash.net>
To: herbert@gondor.apana.org.au
Cc: Patrick McHardy <kaber@trash.net>, netfilter-devel@vger.kernel.org
Subject: [TEXTSEARCH 03/03]: Do not allow zero length patterns in the textsearch infrastructure
Date: Fri, 30 Nov 2007 00:57:16 +0100 (MET) [thread overview]
Message-ID: <20071129235707.10108.56037.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20071129235703.10108.7960.sendpatchset@localhost.localdomain>
[TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure
If a zero length pattern is passed then return EINVAL.
Avoids infinite loops (bm) or invalid memory accesses (kmp).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit d3161d25f17eca4f57ea85485f453a6209d0c919
tree d1ea696ac2fc68cd79d43975e5d56940c04a2342
parent 7f6c4730c53415caee7cb0ed4c1adad48de3bb07
author Pablo Neira Ayuso <pablo@netfilter.org> Fri, 30 Nov 2007 00:54:50 +0100
committer Patrick McHardy <kaber@trash.net> Fri, 30 Nov 2007 00:54:50 +0100
lib/textsearch.c | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/textsearch.c b/lib/textsearch.c
index 88c98a2..be8bda3 100644
--- a/lib/textsearch.c
+++ b/lib/textsearch.c
@@ -7,7 +7,7 @@
* 2 of the License, or (at your option) any later version.
*
* Authors: Thomas Graf <tgraf@suug.ch>
- * Pablo Neira Ayuso <pablo@eurodev.net>
+ * Pablo Neira Ayuso <pablo@netfilter.org>
*
* ==========================================================================
*
@@ -250,7 +250,8 @@ unsigned int textsearch_find_continuous(struct ts_config *conf,
* the various search algorithms.
*
* Returns a new textsearch configuration according to the specified
- * parameters or a ERR_PTR().
+ * parameters or a ERR_PTR(). If a zero length pattern is passed, this
+ * function returns EINVAL.
*/
struct ts_config *textsearch_prepare(const char *algo, const void *pattern,
unsigned int len, gfp_t gfp_mask, int flags)
@@ -259,6 +260,9 @@ struct ts_config *textsearch_prepare(const char *algo, const void *pattern,
struct ts_config *conf;
struct ts_ops *ops;
+ if (len == 0)
+ return ERR_PTR(-EINVAL);
+
ops = lookup_ts_algo(algo);
#ifdef CONFIG_KMOD
/*
next prev parent reply other threads:[~2007-11-29 23:57 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-29 23:57 [NETFILTER 00/03]: Netfilter fixes Patrick McHardy
2007-11-29 23:57 ` [NETFILTER 01/03]: xt_TCPMSS: remove network triggerable WARN_ON Patrick McHardy
2007-11-29 23:57 ` [NETFILTER 02/03]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK Patrick McHardy
2007-11-29 23:57 ` Patrick McHardy [this message]
2007-11-30 13:04 ` [NETFILTER 00/03]: Netfilter fixes Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071129235707.10108.56037.sendpatchset@localhost.localdomain \
--to=kaber@trash.net \
--cc=herbert@gondor.apana.org.au \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).