diff options
author | David S. Miller <davem@davemloft.net> | 2012-11-22 15:27:18 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-11-22 15:27:18 -0500 |
commit | 84ec95b047d2d02552f07c06d9d6da8b61532090 (patch) | |
tree | 3fc7861a6a2d1ad22722bb905bd3731623463f0f /net/netfilter/ipset/ip_set_hash_ip.c | |
parent | 5e7873d1450e1809b017b943417530db3955ac5f (diff) | |
parent | e93b5f9f320db431ec8623a4c667811007e07fd7 (diff) |
Merge branch 'master' of git://1984.lsi.us.es/nf
Pablo Neira Ayuso says:
====================
The following patchset contains two Netfilter fixes:
* Fix buffer overflow in the name of the timeout policy object
in the cttimeout infrastructure, from Florian Westphal.
* Fix a bug in the hash set in case that IP ranges are
specified, from Jozsef Kadlecsik.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter/ipset/ip_set_hash_ip.c')
-rw-r--r-- | net/netfilter/ipset/ip_set_hash_ip.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/ipset/ip_set_hash_ip.c b/net/netfilter/ipset/ip_set_hash_ip.c index ec3dba5dcd6..5c0b78528e5 100644 --- a/net/netfilter/ipset/ip_set_hash_ip.c +++ b/net/netfilter/ipset/ip_set_hash_ip.c @@ -173,6 +173,7 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[], return adtfn(set, &nip, timeout, flags); } + ip_to = ip; if (tb[IPSET_ATTR_IP_TO]) { ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &ip_to); if (ret) @@ -185,8 +186,7 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[], if (!cidr || cidr > 32) return -IPSET_ERR_INVALID_CIDR; ip_set_mask_from_to(ip, ip_to, cidr); - } else - ip_to = ip; + } hosts = h->netmask == 32 ? 1 : 2 << (32 - h->netmask - 1); |