From e03ba84adb62fbc6049325a5bc00ef6932fa5e39 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sat, 1 Dec 2007 00:03:52 +1100 Subject: [PATCH] [TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure If a zero length pattern is passed then return EINVAL. Avoids infinite loops (bm) or invalid memory accesses (kmp). Signed-off-by: Pablo Neira Ayuso Signed-off-by: Patrick McHardy Signed-off-by: Herbert Xu --- lib/textsearch.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/textsearch.c b/lib/textsearch.c index 88c98a2ec8..be8bda3862 100644 --- a/lib/textsearch.c +++ b/lib/textsearch.c @@ -7,7 +7,7 @@ * 2 of the License, or (at your option) any later version. * * Authors: Thomas Graf - * Pablo Neira Ayuso + * Pablo Neira Ayuso * * ========================================================================== * @@ -250,7 +250,8 @@ unsigned int textsearch_find_continuous(struct ts_config *conf, * the various search algorithms. * * Returns a new textsearch configuration according to the specified - * parameters or a ERR_PTR(). + * parameters or a ERR_PTR(). If a zero length pattern is passed, this + * function returns EINVAL. */ struct ts_config *textsearch_prepare(const char *algo, const void *pattern, unsigned int len, gfp_t gfp_mask, int flags) @@ -259,6 +260,9 @@ struct ts_config *textsearch_prepare(const char *algo, const void *pattern, struct ts_config *conf; struct ts_ops *ops; + if (len == 0) + return ERR_PTR(-EINVAL); + ops = lookup_ts_algo(algo); #ifdef CONFIG_KMOD /* -- 2.39.5