diff options
| author | Daniel Borkmann <dborkman@redhat.com> | 2013-12-16 11:45:00 +0100 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2013-12-17 17:11:00 -0500 |
| commit | 8b138da62f3ef370bebaaed7385020993bb787ae (patch) | |
| tree | 38169f4e3cc5897a268209d9c4fdbc0888e01d21 /tools/net | |
| parent | 5c509a2edf386a98fea37d49a06abd4da9e227ea (diff) | |
| download | linux-0-day-8b138da62f3ef370bebaaed7385020993bb787ae.tar.gz linux-0-day-8b138da62f3ef370bebaaed7385020993bb787ae.tar.xz | |
bpf_dbg: always close socket in bpf_runnable
We must not leave the socket intact in bpf_runnable(). The socket
is used to test if the filter code is being accepted by the kernel
or not. So right after we do the setsockopt(2), we need to close
it again.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'tools/net')
| -rw-r--r-- | tools/net/bpf_dbg.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/net/bpf_dbg.c b/tools/net/bpf_dbg.c index 0fdcb707a2e7b..65dc757f7f7b5 100644 --- a/tools/net/bpf_dbg.c +++ b/tools/net/bpf_dbg.c @@ -512,11 +512,11 @@ static bool bpf_runnable(struct sock_filter *f, unsigned int len) return false; } ret = setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER, &bpf, sizeof(bpf)); + close(sock); if (ret < 0) { rl_printf("program not allowed to run by kernel!\n"); return false; } - close(sock); for (i = 0; i < len; i++) { if (BPF_CLASS(f[i].code) == BPF_LD && f[i].k > SKF_AD_OFF) { |