diff options
| -rw-r--r-- | net/netfilter/nf_log.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 18e325ce6542..aa5847a16713 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c | |||
| @@ -418,16 +418,17 @@ static int nf_log_proc_dostring(struct ctl_table *table, int write, | |||
| 418 | { | 418 | { |
| 419 | const struct nf_logger *logger; | 419 | const struct nf_logger *logger; |
| 420 | char buf[NFLOGGER_NAME_LEN]; | 420 | char buf[NFLOGGER_NAME_LEN]; |
| 421 | size_t size = *lenp; | ||
| 422 | int r = 0; | 421 | int r = 0; |
| 423 | int tindex = (unsigned long)table->extra1; | 422 | int tindex = (unsigned long)table->extra1; |
| 424 | struct net *net = current->nsproxy->net_ns; | 423 | struct net *net = current->nsproxy->net_ns; |
| 425 | 424 | ||
| 426 | if (write) { | 425 | if (write) { |
| 427 | if (size > sizeof(buf)) | 426 | struct ctl_table tmp = *table; |
| 428 | size = sizeof(buf); | 427 | |
| 429 | if (copy_from_user(buf, buffer, size)) | 428 | tmp.data = buf; |
| 430 | return -EFAULT; | 429 | r = proc_dostring(&tmp, write, buffer, lenp, ppos); |
| 430 | if (r) | ||
| 431 | return r; | ||
| 431 | 432 | ||
| 432 | if (!strcmp(buf, "NONE")) { | 433 | if (!strcmp(buf, "NONE")) { |
| 433 | nf_log_unbind_pf(net, tindex); | 434 | nf_log_unbind_pf(net, tindex); |