mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-08-26 02:39:48 +00:00
netfilter: ipset: Fix warn: integer overflows 'sizeof(*map) + size * set->dsize'
Dan Carpenter reported that the static checker emits the warning net/netfilter/ipset/ip_set_list_set.c:600 init_list_set() warn: integer overflows 'sizeof(*map) + size * set->dsize' Limit the maximal number of elements in list type of sets. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
This commit is contained in:
parent
94729f8a1e
commit
1b05756c48
2 changed files with 4 additions and 1 deletions
|
@ -6,5 +6,6 @@
|
|||
|
||||
#define IP_SET_LIST_DEFAULT_SIZE 8
|
||||
#define IP_SET_LIST_MIN_SIZE 4
|
||||
#define IP_SET_LIST_MAX_SIZE 65536
|
||||
|
||||
#endif /* __IP_SET_LIST_H */
|
||||
|
|
|
@ -597,7 +597,9 @@ init_list_set(struct net *net, struct ip_set *set, u32 size)
|
|||
struct set_elem *e;
|
||||
u32 i;
|
||||
|
||||
map = kzalloc(sizeof(*map) + size * set->dsize, GFP_KERNEL);
|
||||
map = kzalloc(sizeof(*map) +
|
||||
min_t(u32, size, IP_SET_LIST_MAX_SIZE) * set->dsize,
|
||||
GFP_KERNEL);
|
||||
if (!map)
|
||||
return false;
|
||||
|
||||
|
|
Loading…
Reference in a new issue