From 7219d88329cabcdd05df9477af6e2dee007b60b1 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Fri, 4 May 2012 21:37:28 +0200 Subject: Fix timeout value overflow bug at large timeout parameters Large timeout parameters could result wrong timeout values due to an overflow at msec to jiffies conversion (reported by Andreas Herz) --- lib/parse.c | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) (limited to 'lib/parse.c') diff --git a/lib/parse.c b/lib/parse.c index 30efdb6..2cbd30e 100644 --- a/lib/parse.c +++ b/lib/parse.c @@ -1129,6 +1129,35 @@ ipset_parse_ip4_net6(struct ipset_session *session, } +/** + * ipset_parse_timeout - parse timeout parameter + * @session: session structure + * @opt: option kind of the data + * @str: string to parse + * + * Parse string as a timeout parameter. We have to take into account + * the jiffies storage in kernel. + * + * Returns 0 on success or a negative error code. + */ +int +ipset_parse_timeout(struct ipset_session *session, + enum ipset_opt opt, const char *str) +{ + int err; + unsigned long long num = 0; + + assert(session); + assert(opt == IPSET_OPT_TIMEOUT); + assert(str); + + err = string_to_number_ll(session, str, 0, UINT_MAX/1000, &num); + if (err == 0) + return ipset_session_data_set(session, opt, &num); + + return err; +} + /** * ipset_parse_iptimeout - parse IPv4|IPv6 address and timeout * @session: session structure @@ -1171,7 +1200,7 @@ ipset_parse_iptimeout(struct ipset_session *session, *a++ = '\0'; err = parse_ip(session, opt, tmp, IPADDR_ANY); if (!err) - err = ipset_parse_uint32(session, IPSET_OPT_TIMEOUT, a); + err = ipset_parse_timeout(session, IPSET_OPT_TIMEOUT, a); free(saved); return err; -- cgit v1.2.3