netfilter: ipset: Fix warn: integer overflows 'sizeof(*map) + size * set->dsize'
Dan Carpenter reported that the static checker emits the warning net/netfilter/ipset/ip_set_list_set.c:600 init_list_set() warn: integer overflows 'sizeof(*map) + size * set->dsize' Limit the maximal number of elements in list type of sets. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
This commit is contained in:
parent
94729f8a1e
commit
1b05756c48
@ -6,5 +6,6 @@
|
||||
|
||||
#define IP_SET_LIST_DEFAULT_SIZE 8
|
||||
#define IP_SET_LIST_MIN_SIZE 4
|
||||
#define IP_SET_LIST_MAX_SIZE 65536
|
||||
|
||||
#endif /* __IP_SET_LIST_H */
|
||||
|
@ -597,7 +597,9 @@ init_list_set(struct net *net, struct ip_set *set, u32 size)
|
||||
struct set_elem *e;
|
||||
u32 i;
|
||||
|
||||
map = kzalloc(sizeof(*map) + size * set->dsize, GFP_KERNEL);
|
||||
map = kzalloc(sizeof(*map) +
|
||||
min_t(u32, size, IP_SET_LIST_MAX_SIZE) * set->dsize,
|
||||
GFP_KERNEL);
|
||||
if (!map)
|
||||
return false;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user