diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-11-05 16:56:42 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-11-05 16:56:42 +0100 |
commit | 12ce5f09acfece76aeb5021de583d156567249d5 (patch) | |
tree | bd52ff3b1eb7284ddbdf8e125e603b3fe500a39a /kernel/net/netfilter/ipset/ip_set_hash_ipportip.c | |
parent | 79227b290d1ce936ca4c09652b4b089397d25f4b (diff) |
Fix range bug in hash:ip,port,net
Due to the missing ininitalization at adding/deleting entries, when
a plain_ip,port,net element was to be added, multiple elements were
added/deleted instead. The bug came from the missing dangling
default initialization.
The error-prone default initialization is corrected in all hash:* types.
Diffstat (limited to 'kernel/net/netfilter/ipset/ip_set_hash_ipportip.c')
-rw-r--r-- | kernel/net/netfilter/ipset/ip_set_hash_ipportip.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/kernel/net/netfilter/ipset/ip_set_hash_ipportip.c b/kernel/net/netfilter/ipset/ip_set_hash_ipportip.c index 6344ef5..6a21271 100644 --- a/kernel/net/netfilter/ipset/ip_set_hash_ipportip.c +++ b/kernel/net/netfilter/ipset/ip_set_hash_ipportip.c @@ -166,7 +166,7 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *tb[], const struct ip_set_hash *h = set->data; ipset_adtfn adtfn = set->variant->adt[adt]; struct hash_ipportip4_elem data = { }; - u32 ip, ip_to = 0, p = 0, port, port_to; + u32 ip, ip_to, p = 0, port, port_to; u32 timeout = h->timeout; bool with_ports = false; int ret; @@ -218,7 +218,7 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *tb[], return ip_set_eexist(ret, flags) ? 0 : ret; } - ip = ntohl(data.ip); + ip_to = ip = ntohl(data.ip); if (tb[IPSET_ATTR_IP_TO]) { ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &ip_to); if (ret) @@ -231,8 +231,7 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *tb[], if (!cidr || cidr > 32) return -IPSET_ERR_INVALID_CIDR; ip_set_mask_from_to(ip, ip_to, cidr); - } else - ip_to = ip; + } port_to = port = ntohs(data.port); if (with_ports && tb[IPSET_ATTR_PORT_TO]) { |