[PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation

From: Jinjie Ruan
Date: Wed Aug 28 2024 - 03:03:47 EST

Next message: Masahiro Yamada: "Re: [PATCH v2 00/19] Implement DWARF modversions"
Previous message: Jinjie Ruan: "[PATCH -next 2/5] netfilter: Use kmemdup_array() instead of kmemdup() for multiple allocation"
In reply to: Jinjie Ruan: "[PATCH -next 2/5] netfilter: Use kmemdup_array() instead of kmemdup() for multiple allocation"
Next in thread: Pablo Neira Ayuso: "Re: [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Let the kmemdup_array() take care about multiplication and possible
overflows.

Signed-off-by: Jinjie Ruan <ruanjinjie@xxxxxxxxxx>
---
net/ipv4/netfilter/ip_tables.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index fe89a056eb06..096bfef472b1 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1767,7 +1767,7 @@ int ipt_register_table(struct net *net, const struct xt_table *table,
goto out_free;
}

- ops = kmemdup(template_ops, sizeof(*ops) * num_ops, GFP_KERNEL);
+ ops = kmemdup_array(template_ops, num_ops, sizeof(*ops), GFP_KERNEL);
if (!ops) {
ret = -ENOMEM;
goto out_free;
--
2.34.1

Next message: Masahiro Yamada: "Re: [PATCH v2 00/19] Implement DWARF modversions"
Previous message: Jinjie Ruan: "[PATCH -next 2/5] netfilter: Use kmemdup_array() instead of kmemdup() for multiple allocation"
In reply to: Jinjie Ruan: "[PATCH -next 2/5] netfilter: Use kmemdup_array() instead of kmemdup() for multiple allocation"
Next in thread: Pablo Neira Ayuso: "Re: [PATCH -next 4/5] netfilter: iptables: Use kmemdup_array() instead of kmemdup() for multiple allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]