]> bbs.cooldavid.org Git - net-next-2.6.git/blobdiff - net/core/filter.c
git://bbs.cooldavid.org / net-next-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[NET]: Reject socket filter if division by constant zero is attempted.
[net-next-2.6.git] / net / core / filter.c
diff --git a/net/core/filter.c b/net/core/filter.c
index 079c2edff789e95ccc9fbcec96184c2eb2772e84..2841bfce29d6a5d52433d0812362eb994f1f2765 100644 (file)
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -116,8 +116,6 @@ int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen)
                        A /= X;
                        continue;
                case BPF_ALU|BPF_DIV|BPF_K:
-                       if (fentry->k == 0)
-                               return 0;
                        A /= fentry->k;
                        continue;
                case BPF_ALU|BPF_AND|BPF_X:
@@ -320,6 +318,10 @@ int sk_chk_filter(struct sock_filter *filter, int flen)
                        }
                }
 
+               /* check for division by zero   -Kris Katterjohn 2005-10-30 */
+               if (ftest->code == (BPF_ALU|BPF_DIV|BPF_K) && ftest->k == 0)
+                       return -EINVAL;
+
                /* check that memory operations use valid addresses. */
                if (ftest->k >= BPF_MEMWORDS) {
                        /* but it might not be a memory operation... */
Clone of davem's net-next-2.6 tree