From ae810f58cbfd08a654877f7f78239526e1caf117 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Mon, 18 Sep 2017 21:43:30 +0200 Subject: Fix adding an IPv4 range containing more than 2^31 addresses Wrong comparison prevented the hash types to add a range with more than 2^31 addresses but reported as a success. Fixes bugzilla id #1005, reported by Oleg Serditov and Oliver Ford. --- kernel/net/netfilter/ipset/ip_set_hash_ipmark.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'kernel/net/netfilter/ipset/ip_set_hash_ipmark.c') diff --git a/kernel/net/netfilter/ipset/ip_set_hash_ipmark.c b/kernel/net/netfilter/ipset/ip_set_hash_ipmark.c index b64cf14..f3ba834 100644 --- a/kernel/net/netfilter/ipset/ip_set_hash_ipmark.c +++ b/kernel/net/netfilter/ipset/ip_set_hash_ipmark.c @@ -149,7 +149,7 @@ hash_ipmark4_uadt(struct ip_set *set, struct nlattr *tb[], if (retried) ip = ntohl(h->next.ip); - for (; !before(ip_to, ip); ip++) { + for (; ip <= ip_to; ip++) { e.ip = htonl(ip); ret = adtfn(set, &e, &ext, &ext, flags); -- cgit v1.2.3