summaryrefslogtreecommitdiff
path: root/net/ipv4/cipso_ipv4.c
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2007-02-28 15:14:21 -0500
committerJames Morris <jmorris@namei.org>2007-04-26 01:35:47 -0400
commit128c6b6cbffc8203e13ea5712a8aa65d2ed82e4e (patch)
tree1b3717c2d5972a03eeef1f9eb6e9c0de064a1dfb /net/ipv4/cipso_ipv4.c
parentf998e8cb52396c6a197d14f6afb07144324aea6d (diff)
NetLabel: convert a BUG_ON in the CIPSO code to a runtime check
This patch changes a BUG_ON in the CIPSO code to a runtime check. It should also increase the readability of the code as it replaces an unexplained constant with a well defined macro. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net/ipv4/cipso_ipv4.c')
-rw-r--r--net/ipv4/cipso_ipv4.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
index d466bd5186a1..6afc398c6a22 100644
--- a/net/ipv4/cipso_ipv4.c
+++ b/net/ipv4/cipso_ipv4.c
@@ -1142,7 +1142,9 @@ static int cipso_v4_map_cat_rng_hton(const struct cipso_v4_doi *doi_def,
u32 cat_size = 0;
/* make sure we don't overflow the 'array[]' variable */
- BUG_ON(net_cat_len > 30);
+ if (net_cat_len >
+ (CIPSO_V4_OPT_LEN_MAX - CIPSO_V4_HDR_LEN - CIPSO_V4_TAG_RNG_BLEN))
+ return -ENOSPC;
for (;;) {
iter = netlbl_secattr_catmap_walk(secattr->mls_cat, iter + 1);