[NET]: Reject socket filter if division by constant zero is attempted.

This way we don't have to check it in sk_run_filter().

Signed-off-by: Kris Katterjohn <kjak@users.sourceforge.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/core/filter.c

@@ -116,8 +116,6 @@ int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen)
 			A /= X;
 			continue;
 		case BPF_ALU|BPF_DIV|BPF_K:
-			if (fentry->k == 0)
-				return 0;
 			A /= fentry->k;
 			continue;
 		case BPF_ALU|BPF_AND|BPF_X:
@@ -320,6 +318,10 @@ int sk_chk_filter(struct sock_filter *filter, int flen)
 			}
 		}
 
+		/* check for division by zero   -Kris Katterjohn 2005-10-30 */
+		if (ftest->code == (BPF_ALU|BPF_DIV|BPF_K) && ftest->k == 0)
+			return -EINVAL;
+
 		/* check that memory operations use valid addresses. */
 		if (ftest->k >= BPF_MEMWORDS) {
 			/* but it might not be a memory operation... */