From: Kris Katterjohn
Sent: 1/9/2006 1:36:49 PM
> This makes the filter length in sk_chk_filter() unsigned as it should be.
>
> Signed-off-by: Kris Katterjohn <[EMAIL PROTECTED]>
>
> This is a diff from 2.6.15.
Here's a new patch against 2.6.15-git5:
--- x/net/core/filter.c 2006-01-09 12:17:03.000000000 -0600
+++ y/net/core/filter.c 2006-01-09 18:19:07.000000000 -0600
@@ -289,10 +289,10 @@ load_b:
*
* Returns 0 if the rule set is legal or a negative errno code if not.
*/
-int sk_chk_filter(struct sock_filter *filter, int flen)
+int sk_chk_filter(struct sock_filter *filter, unsigned int flen)
{
struct sock_filter *ftest;
- int pc;
+ unsigned int pc;
if (flen == 0 || flen > BPF_MAXINSNS)
return -EINVAL;
@@ -360,7 +360,7 @@ int sk_chk_filter(struct sock_filter *fi
* Compare this with conditional jumps below,
* where offsets are limited. --ANK (981016)
*/
- if (ftest->k >= (unsigned)(flen-pc-1))
+ if (ftest->k >= flen - pc - 1)
return -EINVAL;
break;
--- x/include/linux/filter.h 2006-01-09 12:16:58.000000000 -0600
+++ y/include/linux/filter.h 2006-01-09 18:19:28.000000000 -0600
@@ -145,7 +145,7 @@ struct sock;
extern unsigned int sk_run_filter(struct sk_buff *skb, struct sock_filter
*filter, int flen);
extern int sk_attach_filter(struct sock_fprog *fprog, struct sock *sk);
-extern int sk_chk_filter(struct sock_filter *filter, int flen);
+extern int sk_chk_filter(struct sock_filter *filter, unsigned int flen);
#endif /* __KERNEL__ */
#endif /* __LINUX_FILTER_H__ */
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
