diff options
author | /C=EU/ST=EU/CN=Jozsef Kadlecsik/emailAddress=kadlec@blackhole.kfki.hu </C=EU/ST=EU/CN=Jozsef Kadlecsik/emailAddress=kadlec@blackhole.kfki.hu> | 2008-11-13 09:36:37 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Jozsef Kadlecsik/emailAddress=kadlec@blackhole.kfki.hu </C=EU/ST=EU/CN=Jozsef Kadlecsik/emailAddress=kadlec@blackhole.kfki.hu> | 2008-11-13 09:36:37 +0000 |
commit | 4eec8b3824d49c1c0503ebbf7844a4e312bc29e1 (patch) | |
tree | 9b67c7a33f683e5a607517dc3ca5a0ddaefeb449 /kernel/ip_set_ipportnethash.c | |
parent | b3259c8f91a689e01469b4eca8ada7924011be25 (diff) |
2.4.4
- Premature checking prevents to add valid elements to hash
types, fixed (bug reported by JC Janos).
- Local variable shadows another variable, fixed (reported
by Jan Engelhardt).
- More compiler warning options added and warnings fixed.
Diffstat (limited to 'kernel/ip_set_ipportnethash.c')
-rw-r--r-- | kernel/ip_set_ipportnethash.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/kernel/ip_set_ipportnethash.c b/kernel/ip_set_ipportnethash.c index 3c7f859..87385a3 100644 --- a/kernel/ip_set_ipportnethash.c +++ b/kernel/ip_set_ipportnethash.c @@ -44,6 +44,8 @@ ipportnethash_id_cidr(struct ip_set *set, ip_set_ip_t *hash_ip, DP("set: %s, ipport:%u.%u.%u.%u:%u, %u.%u.%u.%u", set->name, HIPQUAD(ip), port, HIPQUAD(*hash_ip)); ip1 = pack_ip_cidr(ip1, cidr); + if (!(*hash_ip || ip1)) + return UINT_MAX; for (i = 0; i < map->probes; i++) { id = jhash_ip2(map, i, *hash_ip, ip1) % map->hashsize; @@ -104,13 +106,10 @@ static int ipportnethash_utest(struct ip_set *set, const void *data, size_t size, ip_set_ip_t *hash_ip) { - const struct ip_set_ipportnethash *map = set->data; const struct ip_set_req_ipportnethash *req = data; if (req->cidr <= 0 || req->cidr > 32) return -EINVAL; - if (!(pack_ip_port(map, req->ip, req->port))) - return -ERANGE; return (req->cidr == 32 ? ipportnethash_test(set, hash_ip, req->ip, req->port, req->ip1) @@ -120,7 +119,6 @@ ipportnethash_utest(struct ip_set *set, const void *data, size_t size, #define KADT_CONDITION \ ip_set_ip_t port, ip1; \ - struct ip_set_ipportnethash *map = set->data; \ \ if (flags[index+2] == 0) \ return 0; \ @@ -129,8 +127,6 @@ ipportnethash_utest(struct ip_set *set, const void *data, size_t size, ip1 = ipaddr(skb, flags[index+2]); \ \ if (port == INVALID_PORT) \ - return 0; \ - if (!(pack_ip_port(map, ip, port))) \ return 0; KADT(ipportnethash, test, ipaddr, port, ip1) @@ -185,10 +181,11 @@ ipportnethash_add(struct ip_set *set, ip_set_ip_t *hash_ip, return -ERANGE; *hash_ip = pack_ip_port(map, ip, port); + ip1 = pack_ip_cidr(ip1, cidr); if (!(*hash_ip || ip1)) return -ERANGE; - ret =__ipportnet_add(map, *hash_ip, pack_ip_cidr(ip1, cidr)); + ret =__ipportnet_add(map, *hash_ip, ip1); if (ret == 0) { if (!map->nets[cidr-1]++) add_cidr_size(map->cidr, cidr); |