[patch 24/36] TEXTSEARCH: Do not allow zero length patterns in thetextsearch infrastructure
From: Greg KH
Date: Thu Dec 13 2007 - 01:46:18 EST
2.6.22-stable review patch. If anyone has any objections, please let us
know.
------------------
From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
[TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure
[ Upstream commit: e03ba84adb62fbc6049325a5bc00ef6932fa5e39 ]
If a zero length pattern is passed then return EINVAL.
Avoids infinite loops (bm) or invalid memory accesses (kmp).
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
---
lib/textsearch.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--- a/lib/textsearch.c
+++ b/lib/textsearch.c
@@ -7,7 +7,7 @@
* 2 of the License, or (at your option) any later version.
*
* Authors: Thomas Graf <tgraf@xxxxxxx>
- * Pablo Neira Ayuso <pablo@xxxxxxxxxxx>
+ * Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
*
* ==========================================================================
*
@@ -250,7 +250,8 @@ unsigned int textsearch_find_continuous(
* the various search algorithms.
*
* Returns a new textsearch configuration according to the specified
- * parameters or a ERR_PTR().
+ * parameters or a ERR_PTR(). If a zero length pattern is passed, this
+ * function returns EINVAL.
*/
struct ts_config *textsearch_prepare(const char *algo, const void *pattern,
unsigned int len, gfp_t gfp_mask, int flags)
@@ -259,6 +260,9 @@ struct ts_config *textsearch_prepare(con
struct ts_config *conf;
struct ts_ops *ops;
+ if (len == 0)
+ return ERR_PTR(-EINVAL);
+
ops = lookup_ts_algo(algo);
#ifdef CONFIG_KMOD
/*
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/