extensions: among: Check call to fstat()

If this fails, a bogus length value may be passed to mmap(). Fixes: 26753888720d8 ("nft: bridge: Rudimental among extension support")
author: Phil Sutter <phil@nwl.cc> 2019-12-05 16:35:51 +0100
committer: Phil Sutter <phil@nwl.cc> 2019-12-06 12:12:08 +0100
commit: 25b38bcbf2fdc019f438805c7d1ecd877af9c968 (patch)
tree: ae925624237824846c2bb27468d8789d4d4d3d29 /extensions/libebt_among.c
parent: 2861bdbbf062071487a49103513d129ce40e2652 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/extensions/libebt_among.c b/extensions/libebt_among.c
index 2e87db3b..715d559f 100644
--- a/extensions/libebt_among.c
+++ b/extensions/libebt_among.c
@@ -6,6 +6,7 @@
  * August, 2003
  */
 
+#include <errno.h>
 #include <ctype.h>
 #include <fcntl.h>
 #include <getopt.h>
@@ -137,7 +138,10 @@ static int bramong_parse(int c, char **argv, int invert,
 		if ((fd = open(optarg, O_RDONLY)) == -1)
 			xtables_error(PARAMETER_PROBLEM,
 				      "Couldn't open file '%s'", optarg);
-		fstat(fd, &stats);
+		if (fstat(fd, &stats) < 0)
+			xtables_error(PARAMETER_PROBLEM,
+				      "fstat(%s) failed: '%s'",
+				      optarg, strerror(errno));
 		flen = stats.st_size;
 		/* use mmap because the file will probably be big */
 		optarg = mmap(0, flen, PROT_READ | PROT_WRITE,
author	Phil Sutter <phil@nwl.cc>	2019-12-05 16:35:51 +0100
committer	Phil Sutter <phil@nwl.cc>	2019-12-06 12:12:08 +0100
commit	25b38bcbf2fdc019f438805c7d1ecd877af9c968 (patch)
tree	ae925624237824846c2bb27468d8789d4d4d3d29 /extensions/libebt_among.c
parent	2861bdbbf062071487a49103513d129ce40e2652 (diff)