From f25e10b1c915dc4e88d38426dfedebfbbd8c0634 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 13 Oct 2021 13:05:17 +0900 Subject: [PATCH] core/bpf-firewall: add missing oom check Fixes CID#1464627. --- src/core/bpf-firewall.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/core/bpf-firewall.c b/src/core/bpf-firewall.c index 7067a0dfcc..2c202f1ea6 100644 --- a/src/core/bpf-firewall.c +++ b/src/core/bpf-firewall.c @@ -657,7 +657,9 @@ static int attach_custom_bpf_progs(Unit *u, const char *path, int attach_type, S assert(u); set_clear(*set_installed); - set_ensure_allocated(set_installed, &bpf_program_hash_ops); + r = set_ensure_allocated(set_installed, &bpf_program_hash_ops); + if (r < 0) + return log_oom(); SET_FOREACH_MOVE(prog, *set_installed, *set) { r = bpf_program_cgroup_attach(prog, attach_type, path, BPF_F_ALLOW_MULTI);