diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2017-09-18 21:43:30 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2017-09-18 21:43:30 +0200 |
commit | ae810f58cbfd08a654877f7f78239526e1caf117 (patch) | |
tree | 8ab7319b66b3a4c2b693b89602bef28e753de887 /kernel/net/netfilter/ipset/ip_set_hash_netnet.c | |
parent | 7aa278e4c474adfac06ddb35584b31534366628f (diff) |
Fix adding an IPv4 range containing more than 2^31 addresses
Wrong comparison prevented the hash types to add a range with
more than 2^31 addresses but reported as a success.
Fixes bugzilla id #1005, reported by Oleg Serditov and Oliver Ford.
Diffstat (limited to 'kernel/net/netfilter/ipset/ip_set_hash_netnet.c')
-rw-r--r-- | kernel/net/netfilter/ipset/ip_set_hash_netnet.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel/net/netfilter/ipset/ip_set_hash_netnet.c b/kernel/net/netfilter/ipset/ip_set_hash_netnet.c index db614e1..7f9ae2e 100644 --- a/kernel/net/netfilter/ipset/ip_set_hash_netnet.c +++ b/kernel/net/netfilter/ipset/ip_set_hash_netnet.c @@ -250,13 +250,13 @@ hash_netnet4_uadt(struct ip_set *set, struct nlattr *tb[], if (retried) ip = ntohl(h->next.ip[0]); - while (!after(ip, ip_to)) { + while (ip <= ip_to) { e.ip[0] = htonl(ip); last = ip_set_range_to_cidr(ip, ip_to, &e.cidr[0]); ip2 = (retried && ip == ntohl(h->next.ip[0])) ? ntohl(h->next.ip[1]) : ip2_from; - while (!after(ip2, ip2_to)) { + while (ip2 <= ip2_to) { e.ip[1] = htonl(ip2); last2 = ip_set_range_to_cidr(ip2, ip2_to, &e.cidr[1]); ret = adtfn(set, &e, &ext, &ext, flags); |