aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/linux/netfilter/ipset/ip_set_list.h1
-rw-r--r--net/netfilter/ipset/ip_set_list_set.c4
2 files changed, 4 insertions, 1 deletions
diff --git a/include/linux/netfilter/ipset/ip_set_list.h b/include/linux/netfilter/ipset/ip_set_list.h
index 68c2aea897f5..fe2622a00151 100644
--- a/include/linux/netfilter/ipset/ip_set_list.h
+++ b/include/linux/netfilter/ipset/ip_set_list.h
@@ -6,5 +6,6 @@
6 6
7#define IP_SET_LIST_DEFAULT_SIZE 8 7#define IP_SET_LIST_DEFAULT_SIZE 8
8#define IP_SET_LIST_MIN_SIZE 4 8#define IP_SET_LIST_MIN_SIZE 4
9#define IP_SET_LIST_MAX_SIZE 65536
9 10
10#endif /* __IP_SET_LIST_H */ 11#endif /* __IP_SET_LIST_H */
diff --git a/net/netfilter/ipset/ip_set_list_set.c b/net/netfilter/ipset/ip_set_list_set.c
index 3e2317f3cf68..f87adbad6076 100644
--- a/net/netfilter/ipset/ip_set_list_set.c
+++ b/net/netfilter/ipset/ip_set_list_set.c
@@ -597,7 +597,9 @@ init_list_set(struct net *net, struct ip_set *set, u32 size)
597 struct set_elem *e; 597 struct set_elem *e;
598 u32 i; 598 u32 i;
599 599
600 map = kzalloc(sizeof(*map) + size * set->dsize, GFP_KERNEL); 600 map = kzalloc(sizeof(*map) +
601 min_t(u32, size, IP_SET_LIST_MAX_SIZE) * set->dsize,
602 GFP_KERNEL);
601 if (!map) 603 if (!map)
602 return false; 604 return false;
603 605
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-01 05:40:08 -0400