Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e03ba84a authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso Committed by Herbert Xu
Browse files

[TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure 



If a zero length pattern is passed then return EINVAL.
Avoids infinite loops (bm) or invalid memory accesses (kmp).

Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 67b4af29

lib/textsearch.c

+6 −2
Original line number Diff line number Diff line
@@ -7,7 +7,7 @@ 
 *		2 of the License, or (at your option) any later version.

 *

 * Authors:	Thomas Graf <tgraf@suug.ch>

 * 		Pablo Neira Ayuso <pablo@eurodev.net>

 * 		Pablo Neira Ayuso <pablo@netfilter.org>

 *

 * ==========================================================================

 *
@@ -250,7 +250,8 @@ unsigned int textsearch_find_continuous(struct ts_config *conf, 
 *       the various search algorithms.

 *

 * Returns a new textsearch configuration according to the specified

 *         parameters or a ERR_PTR().

 * parameters or a ERR_PTR(). If a zero length pattern is passed, this

 * function returns EINVAL.

 */

struct ts_config *textsearch_prepare(const char *algo, const void *pattern,

				     unsigned int len, gfp_t gfp_mask, int flags)
@@ -259,6 +260,9 @@ struct ts_config *textsearch_prepare(const char *algo, const void *pattern, 
	struct ts_config *conf;

	struct ts_ops *ops;

	

	if (len == 0)

		return ERR_PTR(-EINVAL);



	ops = lookup_ts_algo(algo);

#ifdef CONFIG_KMOD

	/*