aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2007-12-01 00:03:52 +1100
committerHerbert Xu <herbert@gondor.apana.org.au>2007-12-01 00:03:52 +1100
commite03ba84adb62fbc6049325a5bc00ef6932fa5e39 (patch)
tree37a6d1206d6480bbbcda98a8b636a2071a6bf31c
parent67b4af297033f5f65999885542f95ba7b562848a (diff)
[TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure
If a zero length pattern is passed then return EINVAL. Avoids infinite loops (bm) or invalid memory accesses (kmp). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-rw-r--r--lib/textsearch.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/textsearch.c b/lib/textsearch.c
index 88c98a2ec8d..be8bda3862f 100644
--- a/lib/textsearch.c
+++ b/lib/textsearch.c
@@ -7,7 +7,7 @@
* 2 of the License, or (at your option) any later version.
*
* Authors: Thomas Graf <tgraf@suug.ch>
- * Pablo Neira Ayuso <pablo@eurodev.net>
+ * Pablo Neira Ayuso <pablo@netfilter.org>
*
* ==========================================================================
*
@@ -250,7 +250,8 @@ unsigned int textsearch_find_continuous(struct ts_config *conf,
* the various search algorithms.
*
* Returns a new textsearch configuration according to the specified
- * parameters or a ERR_PTR().
+ * parameters or a ERR_PTR(). If a zero length pattern is passed, this
+ * function returns EINVAL.
*/
struct ts_config *textsearch_prepare(const char *algo, const void *pattern,
unsigned int len, gfp_t gfp_mask, int flags)
@@ -259,6 +260,9 @@ struct ts_config *textsearch_prepare(const char *algo, const void *pattern,
struct ts_config *conf;
struct ts_ops *ops;
+ if (len == 0)
+ return ERR_PTR(-EINVAL);
+
ops = lookup_ts_algo(algo);
#ifdef CONFIG_KMOD
/*