[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240828071004.1245213-5-ruanjinjie@huawei.com>
Date: Wed, 28 Aug 2024 15:10:03 +0800
From: Jinjie Ruan <ruanjinjie@...wei.com>
To: <pablo@...filter.org>, <kadlec@...filter.org>, <roopa@...dia.com>,
<razor@...ckwall.org>, <davem@...emloft.net>, <edumazet@...gle.com>,
<kuba@...nel.org>, <pabeni@...hat.com>, <dsahern@...nel.org>,
<krzk@...nel.org>, <netfilter-devel@...r.kernel.org>,
<coreteam@...filter.org>, <bridge@...ts.linux.dev>, <netdev@...r.kernel.org>,
<linux-kernel@...r.kernel.org>
CC: <ruanjinjie@...wei.com>
Subject: [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation
Let the kmemdup_array() take care about multiplication and possible
overflows.
Signed-off-by: Jinjie Ruan <ruanjinjie@...wei.com>
---
net/ipv4/netfilter/ip_tables.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index fe89a056eb06..096bfef472b1 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1767,7 +1767,7 @@ int ipt_register_table(struct net *net, const struct xt_table *table,
goto out_free;
}
- ops = kmemdup(template_ops, sizeof(*ops) * num_ops, GFP_KERNEL);
+ ops = kmemdup_array(template_ops, num_ops, sizeof(*ops), GFP_KERNEL);
if (!ops) {
ret = -ENOMEM;
goto out_free;
--
2.34.1
Powered by blists - more mailing lists