patch-2.4.14 linux/net/ipv4/netfilter/ip_tables.c

Next file: linux/net/ipv4/netfilter/ipt_LOG.c
Previous file: linux/net/ipv4/netfilter/ip_nat_snmp_basic.c
Back to the patch index
Back to the overall index

diff -u --recursive --new-file v2.4.13/linux/net/ipv4/netfilter/ip_tables.c linux/net/ipv4/netfilter/ip_tables.c
@@ -1059,6 +1059,10 @@
 	if (len != sizeof(tmp) + tmp.size)
 		return -ENOPROTOOPT;
 
+	/* Pedantry: prevent them from hitting BUG() in vmalloc.c --RR */
+	if ((SMP_ALIGN(tmp.size) >> PAGE_SHIFT) + 2 > num_physpages)
+		return -ENOMEM;
+
 	newinfo = vmalloc(sizeof(struct ipt_table_info)
 			  + SMP_ALIGN(tmp.size) * smp_num_cpus);
 	if (!newinfo)
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)