author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2017-09-18 21:43:30 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2017-09-18 21:43:30 +0200 |
commit | ae810f58cbfd08a654877f7f78239526e1caf117 (patch) | |
tree | 8ab7319b66b3a4c2b693b89602bef28e753de887 /kernel/net/netfilter/ipset/ip_set_hash_ip.c | |
parent | 7aa278e4c474adfac06ddb35584b31534366628f (diff) | |
download | ipset-ae810f58cbfd08a654877f7f78239526e1caf117.tar.gz |
Fix adding an IPv4 range containing more than 2^31 addresses
A wrong comparison prevented the hash types from adding a range with
more than 2^31 addresses, yet the operation was reported as a success.
Fixes bugzilla id #1005, reported by Oleg Serditov and Oliver Ford.
Diffstat (limited to 'kernel/net/netfilter/ipset/ip_set_hash_ip.c')
-rw-r--r-- | kernel/net/netfilter/ipset/ip_set_hash_ip.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/kernel/net/netfilter/ipset/ip_set_hash_ip.c b/kernel/net/netfilter/ipset/ip_set_hash_ip.c
index 20bfbd3..613eb21 100644
--- a/kernel/net/netfilter/ipset/ip_set_hash_ip.c
+++ b/kernel/net/netfilter/ipset/ip_set_hash_ip.c
@@ -123,13 +123,12 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[],
 return ret;
 
 ip &= ip_set_hostmask(h->netmask);
+ e.ip = htonl(ip);
+ if (e.ip == 0)
+ return -IPSET_ERR_HASH_ELEM;
 
- if (adt == IPSET_TEST) {
- e.ip = htonl(ip);
- if (e.ip == 0)
- return -IPSET_ERR_HASH_ELEM;
+ if (adt == IPSET_TEST)
 return adtfn(set, &e, &ext, &ext, flags);
- }
 
 ip_to = ip;
 if (tb[IPSET_ATTR_IP_TO]) {
@@ -148,17 +147,20 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *tb[],
 
 hosts = h->netmask == 32 ? 1 : 2 << (32 - h->netmask - 1);
 
- if (retried)
+ if (retried) {
 ip = ntohl(h->next.ip);
- for (; !before(ip_to, ip); ip += hosts) {
 e.ip = htonl(ip);
- if (e.ip == 0)
- return -IPSET_ERR_HASH_ELEM;
+ }
+ for (; ip <= ip_to;) {
 ret = adtfn(set, &e, &ext, &ext, flags);
-
 if (ret && !ip_set_eexist(ret, flags))
 return ret;
 
+ ip += hosts;
+ e.ip = htonl(ip);
+ if (e.ip == 0)
+ return 0;
+
 ret = 0;
 }
 return ret; |
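Review bot: The zero check in the first hunk now runs before the IPSET_TEST branch, so it also rejects an add or delete whose start address masks to 0.0.0.0, and it does so with `-IPSET_ERR_HASH_ELEM` while the loop in the second hunk treats the same `e.ip == 0` condition as a successful end of range. The two meanings are easy to confuse; a comment on the first check such as `/* 0.0.0.0 cannot be stored as an element */` (wording to be confirmed against the hash implementation) would make the difference explicit. hash_ip4_uadt starts and ends outside the hunk.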
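Review bot: With the comparison fixed, the loop `for (; ip <= ip_to;)` in the second hunk really does walk ranges of up to 2^32 addresses for a single request, and nothing visible in the hunk caps the iteration count or yields the CPU. For adds the set's size limit presumably ends the loop early through a non-EEXIST error from `adtfn`, but a delete, or an add with the exist flag over entries that are already present, could run the whole range in kernel context; consider rejecting ranges above a fixed maximum before the loop, or confirm that the retry path bounds the work. Separately, `if (e.ip == 0) return 0;` is now the only thing that ends the loop when `ip_to` is 255.255.255.255, because `ip <= ip_to` is always true there, and it only fires if `ip` stays aligned to `hosts` (worth confirming for the `h->next.ip` resume value, which is set outside the hunk). A comment such as `/* ip wrapped past 255.255.255.255: range complete */` would keep the check from being removed as redundant.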