Re: [PATCH 1/6] sysctl: faster reimplementation of sysctl_check_table
From: Lucian Adrian Grijincu
Date: Fri Feb 04 2011 - 16:34:43 EST
On Fri, Feb 4, 2011 at 11:11 PM, Eric W. Biederman
<ebiederm@xxxxxxxxxxxx> wrote:
>> +static int __sysctl_check_table(struct nsproxy *namespaces,
>> + Â Â struct ctl_table *table, struct ctl_table **parents, int depth)
>> Â{
>> + Â Â const char *fail = NULL;
>> Â Â Â int error = 0;
>> +
>> + Â Â if (depth >= CTL_MAXNAME) {
>
> This should be depth > CTL_MAXNAME. ÂBecause there are only CTL_MAXNAME
> entries in the array.
A bit lower in the array we access 'parents[depth]'.
So the correct check should be (depth >= CTL_MAXNAME) => error.
>> - Â Â Â Â Â Â Â Â Â Â sysctl_check_leaf(namespaces, table, &fail);
>> + Â Â Â Â Â Â Â Â Â Â parents[depth] = table;
>> + Â Â Â Â Â Â Â Â Â Â sysctl_check_leaf(namespaces, table, &fail,
>> + Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â parents, depth);
>> Â Â Â Â Â Â Â }
>> + Â Â Â Â Â Â if (table->child) {
>> + Â Â Â Â Â Â Â Â Â Â parents[depth] = table;
>> + Â Â Â Â Â Â Â Â Â Â error |= __sysctl_check_table(namespaces, table->child,
>> + Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â parents, depth + 1);
>> + Â Â Â Â Â Â }
--
Â.
..: Lucian
èº{.nÇ+·®+%Ëlzwm
ébëæìr¸zX§»®w¥{ayºÊÚë,j¢f£¢·hàz¹®w¥¢¸¢·¦j:+v¨wèjØm¶ÿ¾«êçzZ+ùÝj"ú!¶iOæ¬z·vØ^¶m§ÿðÃnÆàþY&