aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--net/netfilter/ipset/ip_set_bitmap_ipmac.c4
-rw-r--r--net/netfilter/ipset/ip_set_core.c18
-rw-r--r--net/netfilter/xt_set.c18
3 files changed, 30 insertions, 10 deletions
diff --git a/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/net/netfilter/ipset/ip_set_bitmap_ipmac.c
index 00a33242e90c..a274300b6a56 100644
--- a/net/netfilter/ipset/ip_set_bitmap_ipmac.c
+++ b/net/netfilter/ipset/ip_set_bitmap_ipmac.c
@@ -343,6 +343,10 @@ bitmap_ipmac_kadt(struct ip_set *set, const struct sk_buff *skb,
343 ipset_adtfn adtfn = set->variant->adt[adt]; 343 ipset_adtfn adtfn = set->variant->adt[adt];
344 struct ipmac data; 344 struct ipmac data;
345 345
346 /* MAC can be src only */
347 if (!(flags & IPSET_DIM_TWO_SRC))
348 return 0;
349
346 data.id = ntohl(ip4addr(skb, flags & IPSET_DIM_ONE_SRC)); 350 data.id = ntohl(ip4addr(skb, flags & IPSET_DIM_ONE_SRC));
347 if (data.id < map->first_ip || data.id > map->last_ip) 351 if (data.id < map->first_ip || data.id > map->last_ip)
348 return -IPSET_ERR_BITMAP_RANGE; 352 return -IPSET_ERR_BITMAP_RANGE;
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
index 9152e69a162d..72d1ac611fdc 100644
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -1022,8 +1022,9 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
1022 if (cb->args[1] >= ip_set_max) 1022 if (cb->args[1] >= ip_set_max)
1023 goto out; 1023 goto out;
1024 1024
1025 pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]);
1026 max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max; 1025 max = cb->args[0] == DUMP_ONE ? cb->args[1] + 1 : ip_set_max;
1026dump_last:
1027 pr_debug("args[0]: %ld args[1]: %ld\n", cb->args[0], cb->args[1]);
1027 for (; cb->args[1] < max; cb->args[1]++) { 1028 for (; cb->args[1] < max; cb->args[1]++) {
1028 index = (ip_set_id_t) cb->args[1]; 1029 index = (ip_set_id_t) cb->args[1];
1029 set = ip_set_list[index]; 1030 set = ip_set_list[index];
@@ -1038,8 +1039,8 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
1038 * so that lists (unions of sets) are dumped last. 1039 * so that lists (unions of sets) are dumped last.
1039 */ 1040 */
1040 if (cb->args[0] != DUMP_ONE && 1041 if (cb->args[0] != DUMP_ONE &&
1041 !((cb->args[0] == DUMP_ALL) ^ 1042 ((cb->args[0] == DUMP_ALL) ==
1042 (set->type->features & IPSET_DUMP_LAST))) 1043 !!(set->type->features & IPSET_DUMP_LAST)))
1043 continue; 1044 continue;
1044 pr_debug("List set: %s\n", set->name); 1045 pr_debug("List set: %s\n", set->name);
1045 if (!cb->args[2]) { 1046 if (!cb->args[2]) {
@@ -1083,6 +1084,12 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
1083 goto release_refcount; 1084 goto release_refcount;
1084 } 1085 }
1085 } 1086 }
1087 /* If we dump all sets, continue with dumping last ones */
1088 if (cb->args[0] == DUMP_ALL) {
1089 cb->args[0] = DUMP_LAST;
1090 cb->args[1] = 0;
1091 goto dump_last;
1092 }
1086 goto out; 1093 goto out;
1087 1094
1088nla_put_failure: 1095nla_put_failure:
@@ -1093,11 +1100,6 @@ release_refcount:
1093 pr_debug("release set %s\n", ip_set_list[index]->name); 1100 pr_debug("release set %s\n", ip_set_list[index]->name);
1094 ip_set_put_byindex(index); 1101 ip_set_put_byindex(index);
1095 } 1102 }
1096
1097 /* If we dump all sets, continue with dumping last ones */
1098 if (cb->args[0] == DUMP_ALL && cb->args[1] >= max && !cb->args[2])
1099 cb->args[0] = DUMP_LAST;
1100
1101out: 1103out:
1102 if (nlh) { 1104 if (nlh) {
1103 nlmsg_end(skb, nlh); 1105 nlmsg_end(skb, nlh);
diff --git a/net/netfilter/xt_set.c b/net/netfilter/xt_set.c
index 061d48cec137..b3babaed7719 100644
--- a/net/netfilter/xt_set.c
+++ b/net/netfilter/xt_set.c
@@ -81,6 +81,7 @@ set_match_v0_checkentry(const struct xt_mtchk_param *par)
81 if (info->match_set.u.flags[IPSET_DIM_MAX-1] != 0) { 81 if (info->match_set.u.flags[IPSET_DIM_MAX-1] != 0) {
82 pr_warning("Protocol error: set match dimension " 82 pr_warning("Protocol error: set match dimension "
83 "is over the limit!\n"); 83 "is over the limit!\n");
84 ip_set_nfnl_put(info->match_set.index);
84 return -ERANGE; 85 return -ERANGE;
85 } 86 }
86 87
@@ -135,6 +136,8 @@ set_target_v0_checkentry(const struct xt_tgchk_param *par)
135 if (index == IPSET_INVALID_ID) { 136 if (index == IPSET_INVALID_ID) {
136 pr_warning("Cannot find del_set index %u as target\n", 137 pr_warning("Cannot find del_set index %u as target\n",
137 info->del_set.index); 138 info->del_set.index);
139 if (info->add_set.index != IPSET_INVALID_ID)
140 ip_set_nfnl_put(info->add_set.index);
138 return -ENOENT; 141 return -ENOENT;
139 } 142 }
140 } 143 }
@@ -142,6 +145,10 @@ set_target_v0_checkentry(const struct xt_tgchk_param *par)
142 info->del_set.u.flags[IPSET_DIM_MAX-1] != 0) { 145 info->del_set.u.flags[IPSET_DIM_MAX-1] != 0) {
143 pr_warning("Protocol error: SET target dimension " 146 pr_warning("Protocol error: SET target dimension "
144 "is over the limit!\n"); 147 "is over the limit!\n");
148 if (info->add_set.index != IPSET_INVALID_ID)
149 ip_set_nfnl_put(info->add_set.index);
150 if (info->del_set.index != IPSET_INVALID_ID)
151 ip_set_nfnl_put(info->del_set.index);
145 return -ERANGE; 152 return -ERANGE;
146 } 153 }
147 154
@@ -192,6 +199,7 @@ set_match_checkentry(const struct xt_mtchk_param *par)
192 if (info->match_set.dim > IPSET_DIM_MAX) { 199 if (info->match_set.dim > IPSET_DIM_MAX) {
193 pr_warning("Protocol error: set match dimension " 200 pr_warning("Protocol error: set match dimension "
194 "is over the limit!\n"); 201 "is over the limit!\n");
202 ip_set_nfnl_put(info->match_set.index);
195 return -ERANGE; 203 return -ERANGE;
196 } 204 }
197 205
@@ -219,7 +227,7 @@ set_target(struct sk_buff *skb, const struct xt_action_param *par)
219 if (info->del_set.index != IPSET_INVALID_ID) 227 if (info->del_set.index != IPSET_INVALID_ID)
220 ip_set_del(info->del_set.index, 228 ip_set_del(info->del_set.index,
221 skb, par->family, 229 skb, par->family,
222 info->add_set.dim, 230 info->del_set.dim,
223 info->del_set.flags); 231 info->del_set.flags);
224 232
225 return XT_CONTINUE; 233 return XT_CONTINUE;
@@ -245,13 +253,19 @@ set_target_checkentry(const struct xt_tgchk_param *par)
245 if (index == IPSET_INVALID_ID) { 253 if (index == IPSET_INVALID_ID) {
246 pr_warning("Cannot find del_set index %u as target\n", 254 pr_warning("Cannot find del_set index %u as target\n",
247 info->del_set.index); 255 info->del_set.index);
256 if (info->add_set.index != IPSET_INVALID_ID)
257 ip_set_nfnl_put(info->add_set.index);
248 return -ENOENT; 258 return -ENOENT;
249 } 259 }
250 } 260 }
251 if (info->add_set.dim > IPSET_DIM_MAX || 261 if (info->add_set.dim > IPSET_DIM_MAX ||
252 info->del_set.flags > IPSET_DIM_MAX) { 262 info->del_set.dim > IPSET_DIM_MAX) {
253 pr_warning("Protocol error: SET target dimension " 263 pr_warning("Protocol error: SET target dimension "
254 "is over the limit!\n"); 264 "is over the limit!\n");
265 if (info->add_set.index != IPSET_INVALID_ID)
266 ip_set_nfnl_put(info->add_set.index);
267 if (info->del_set.index != IPSET_INVALID_ID)
268 ip_set_nfnl_put(info->del_set.index);
255 return -ERANGE; 269 return -ERANGE;
256 } 270 }
257 271
generated by cgit v1.2.2 (git 2.25.0) at 2026-01-01 15:10:43 -0500