summaryrefslogtreecommitdiff
path: root/net/netfilter/xt_bpf.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/netfilter/xt_bpf.c')
-rw-r--r--net/netfilter/xt_bpf.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/xt_bpf.c b/net/netfilter/xt_bpf.c
index dffee9d47ec4..7b993f25aab9 100644
--- a/net/netfilter/xt_bpf.c
+++ b/net/netfilter/xt_bpf.c
@@ -25,6 +25,9 @@ static int bpf_mt_check(const struct xt_mtchk_param *par)
struct xt_bpf_info *info = par->matchinfo;
struct sock_fprog_kern program;
+ if (info->bpf_program_num_elem > XT_BPF_MAX_NUM_INSTR)
+ return -EINVAL;
+
program.len = info->bpf_program_num_elem;
program.filter = info->bpf_program;
generated by cgit v1.2.3 (git 2.0.4) at 2024-05-11 22:30:16 +0000