From: Alexei Starovoitov <ast@plumgrid.com>
Date: Wed, 19 Nov 2014 01:32:16 +0000 (-0800)
Subject: bpf: fix arraymap NULL deref and missing overflow and zero size checks
X-Git-Tag: omap-for-v3.19/fixes-rc1~125^2~161
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=daaf427c6ab392bedcd018e326b2ffa1e1110cd6;p=pandora-kernel.git

bpf: fix arraymap NULL deref and missing overflow and zero size checks

- fix NULL pointer dereference:
kernel/bpf/arraymap.c:41 array_map_alloc() error: potential null dereference 'array'.  (kzalloc returns null)
kernel/bpf/arraymap.c:41 array_map_alloc() error: we previously assumed 'array' could be null (see line 40)

- integer overflow check was missing in arraymap
(hashmap checks for overflow via kmalloc_array())

- arraymap can round_up(value_size, 8) to zero. check was missing.

- hashmap was missing zero size check as well, since roundup_pow_of_two() can
truncate into zero

- found a typo in the arraymap comment and unnecessary empty line

Fix all of these issues and make both overflow checks explicit U32 in size.

Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

Reading git-diff-tree failed