On Wed, Aug 28, 2024 at 03:10:03PM +0800, Jinjie Ruan wrote:
> Let the kmemdup_array() take care about multiplication and possible
> overflows.
No patch for net/ipv6/netfilter/ip6_tables.c?
We have yet another code copy & paste there.
BTW, could you collapse all these patches for netfilter in one single
patch?
Thanks.
> Signed-off-by: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
> ---
> net/ipv4/netfilter/ip_tables.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
> index fe89a056eb06..096bfef472b1 100644
> --- a/net/ipv4/netfilter/ip_tables.c
> +++ b/net/ipv4/netfilter/ip_tables.c
> @@ -1767,7 +1767,7 @@ int ipt_register_table(struct net *net, const struct xt_table *table,
> goto out_free;
> }
>
> - ops = kmemdup(template_ops, sizeof(*ops) * num_ops, GFP_KERNEL);
> + ops = kmemdup_array(template_ops, num_ops, sizeof(*ops), GFP_KERNEL);
> if (!ops) {
> ret = -ENOMEM;
> goto out_free;
> --
> 2.34.1
>
>
