Validate the set family and not the set type family at swapping.

Bug reported by Quentin Armitage, netfilter bugzilla id #843.
author: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2013-08-14 16:07:49 +0200
committer: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2013-08-14 16:07:49 +0200
commit: 5a7bfa4c830ab7263c40432fbd9223ee44dc69f3 (patch)
tree: 59e92fe19e05bd14f0fbfd1e6df473a929d256e6 /kernel/net/netfilter/ipset
parent: 40b22a6f6ab6ac2ac75627e6943f9ff3584ab3fd (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c
index 0329dae..4c95bb8 100644
--- a/kernel/net/netfilter/ipset/ip_set_core.c
+++ b/kernel/net/netfilter/ipset/ip_set_core.c
@@ -1058,7 +1058,7 @@ ip_set_swap(struct sock *ctnl, struct sk_buff *skb,
 	 * Not an artifical restriction anymore, as we must prevent
 	 * possible loops created by swapping in setlist type of sets. */
 	if (!(from->type->features == to->type->features &&
-	      from->type->family == to->type->family))
+	      from->family == to->family))
 		return -IPSET_ERR_TYPE_MISMATCH;
 
 	strncpy(from_name, from->name, IPSET_MAXNAMELEN);
author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2013-08-14 16:07:49 +0200
committer	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2013-08-14 16:07:49 +0200
commit	5a7bfa4c830ab7263c40432fbd9223ee44dc69f3 (patch)
tree	59e92fe19e05bd14f0fbfd1e6df473a929d256e6 /kernel/net/netfilter/ipset
parent	40b22a6f6ab6ac2ac75627e6943f9ff3584ab3fd (diff)