iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: ipset: For set:list types, replaced elements must be zeroed out

Browse Source 
The new extensions require zero initialization for the new element
to be added into a slot from where another element was pushed away.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
This commit is contained in:
Jozsef Kadlecsik 2013-09-23 21:28:06 +02:00
parent 80571a9ea4
commit 8ec81f9a4d
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
net/netfilter/ipset/ip_set_list_set.c
View File

@ -184,6 +184,8 @@ list_set_add(struct ip_set *set, u32 i, struct set_adt_elem *d,
} }
memmove(list_set_elem(set, map, i + 1), e, memmove(list_set_elem(set, map, i + 1), e,
set->dsize * (map->size - (i + 1))); set->dsize * (map->size - (i + 1)));
/* Extensions must be initialized to zero */
memset(e, 0, set->dsize);
} }
} }
@ -192,7 +194,7 @@ list_set_add(struct ip_set *set, u32 i, struct set_adt_elem *d,
ip_set_timeout_set(ext_timeout(e, set), ext->timeout); ip_set_timeout_set(ext_timeout(e, set), ext->timeout);
if (SET_WITH_COUNTER(set)) if (SET_WITH_COUNTER(set))
ip_set_init_counter(ext_counter(e, set), ext); ip_set_init_counter(ext_counter(e, set), ext);
if (SET_WITH_COMMENT(set) && ext->comment) if (SET_WITH_COMMENT(set))
ip_set_init_comment(ext_comment(e, set), ext); ip_set_init_comment(ext_comment(e, set), ext);
return 0; return 0;
} }