From a875d3fb4beda43cb54b5810565bafc16a568e5c Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Sun, 12 Mar 2017 18:27:45 +0100
Subject: Fix possible truncated output in ipset output buffer handling

Omri Bahumi and Yoni Lavi discovered that due to the inproper
handling of the ipset output buffer, the output may be truncated.
So for example in an "ipset save" output, instead of 192.168.0.0/24,
just 192.168.0.0 printed. If one use "ipset save" and then "ipset restore"
to restore the sets, this may lead to wrong firewall rules at the end.

The patch fixes the bug in the ipset code.
---
 lib/print.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/print.c')

diff --git a/lib/print.c b/lib/print.c
index 7f42434..7dd229e 100644
--- a/lib/print.c
+++ b/lib/print.c
@@ -31,7 +31,7 @@
 #define SNPRINTF_FAILURE(size, len, offset)			\
 do {								\
 	if (size < 0 || (unsigned int) size >= len)		\
-		return size;					\
+		return offset + size;				\
 	offset += size;						\
 	len -= size;						\
 } while (0)
-- 
cgit v1.2.3