Blame netfilter-ipset-Fix-hash-type-expiration.patch
|
|
bba2ca1 |
From 7210b25e452780f0792e04dd9f84f3a02c582ab7 Mon Sep 17 00:00:00 2001
|
|
|
bba2ca1 |
From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
|
|
|
bba2ca1 |
Date: Sat, 7 Nov 2015 11:23:34 +0100
|
|
|
bba2ca1 |
Subject: [PATCH 2/3] netfilter: ipset: Fix hash:* type expiration
|
|
|
bba2ca1 |
|
|
|
bba2ca1 |
Incorrect index was used when the data blob was shrinked at expiration,
|
|
|
bba2ca1 |
which could lead to falsely expired entries and memory leak when
|
|
|
bba2ca1 |
the comment extension was used too.
|
|
|
bba2ca1 |
|
|
|
bba2ca1 |
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
|
|
|
bba2ca1 |
---
|
|
|
bba2ca1 |
net/netfilter/ipset/ip_set_hash_gen.h | 2 +-
|
|
|
bba2ca1 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
bba2ca1 |
|
|
|
bba2ca1 |
diff --git a/net/netfilter/ipset/ip_set_hash_gen.h b/net/netfilter/ipset/ip_set_hash_gen.h
|
|
|
bba2ca1 |
index 4ff22194ce55..fa4f6374bb73 100644
|
|
|
bba2ca1 |
--- a/net/netfilter/ipset/ip_set_hash_gen.h
|
|
|
bba2ca1 |
+++ b/net/netfilter/ipset/ip_set_hash_gen.h
|
|
|
bba2ca1 |
@@ -523,7 +523,7 @@ mtype_expire(struct ip_set *set, struct htype *h, u8 nets_length, size_t dsize)
|
|
|
bba2ca1 |
continue;
|
|
|
bba2ca1 |
data = ahash_data(n, j, dsize);
|
|
|
bba2ca1 |
memcpy(tmp->value + d * dsize, data, dsize);
|
|
|
bba2ca1 |
- set_bit(j, tmp->used);
|
|
|
bba2ca1 |
+ set_bit(d, tmp->used);
|
|
|
bba2ca1 |
d++;
|
|
|
bba2ca1 |
}
|
|
|
bba2ca1 |
tmp->pos = d;
|
|
|
bba2ca1 |
--
|
|
|
bba2ca1 |
2.4.3
|
|
|
bba2ca1 |
|