linux-uconsole/net
Oliver Smith 97d2a12a27 netfilter: ipset: Fix serious failure in CIDR tracking
commit 2cf55125c6 upstream.

This fixes a serious bug affecting all hash types with a net element -
specifically, if a CIDR value is deleted such that none of the same size
exist any more, all larger (less-specific) values will then fail to
match. Adding back any prefix with a CIDR equal to or more specific than
the one deleted will fix it.

Steps to reproduce:
ipset -N test hash:net
ipset -A test 1.1.0.0/16
ipset -A test 2.2.2.0/24
ipset -T test 1.1.1.1           #1.1.1.1 IS in set
ipset -D test 2.2.2.0/24
ipset -T test 1.1.1.1           #1.1.1.1 IS NOT in set

This is due to the fact that the nets counter was unconditionally
decremented prior to the iteration that shifts up the entries. Now, we
first check if there is a proceeding entry and if not, decrement it and
return. Otherwise, we proceed to iterate and then zero the last element,
which, in most cases, will already be zero.

Signed-off-by: Oliver Smith <oliver@8.c.9.b.0.7.4.0.1.0.0.2.ip6.arpa>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-10-01 09:17:48 -07:00
9p 9p: fix off by one causing access violations and memory corruption 2013-07-28 16:29:58 -07:00
802 net/802/mrp: fix lockdep splat 2013-05-14 13:02:30 -07:00
8021q vlan: fix a race in egress prio management 2013-07-28 16:30:05 -07:00
appletalk appletalk: info leak in ->getname() 2013-04-25 01:47:58 -04:00
atm Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
ax25 ax25: fix info leak via msg_name in ax25_recvmsg() 2013-04-07 16:28:00 -04:00
batman-adv batman-adv: Don't handle address updates when bla is disabled 2013-06-10 08:42:18 +02:00
bluetooth Bluetooth: Fix invalid length check in l2cap_information_rsp() 2013-06-23 00:24:58 +01:00
bridge net: bridge: convert MLDv2 Query MRC into msecs_to_jiffies for max_delay 2013-09-14 06:54:56 -07:00
caif caif: Remove bouncing address for Daniel Martensson 2013-04-23 13:25:51 -04:00
can Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
ceph libceph: use pg_num_mask instead of pgp_num_mask for pg.seed calc 2013-09-26 17:18:29 -07:00
core net: Check the correct namespace when spoofing pid over SCM_RIGHTS 2013-09-26 17:18:05 -07:00
dcb rtnetlink: Remove passing of attributes into rtnl_doit functions 2013-03-22 10:31:16 -04:00
dccp tcp: Remove TCPCT 2013-03-17 14:35:13 -04:00
decnet decnet: remove duplicated include from dn_table.c 2013-04-07 17:12:01 -04:00
dns_resolver
dsa dsa: fix freeing of sparse port allocation 2013-03-25 12:23:41 -04:00
ethernet net: add ETH_P_802_3_MIN 2013-03-28 01:20:42 -04:00
ieee802154 ieee802154/nl-mac.c: make some MLME operations optional 2013-04-08 12:00:16 -04:00
ipv4 tcp: tcp_make_synack() should use sock_wmalloc 2013-09-14 06:54:56 -07:00
ipv6 net: ipv6: tcp: fix potential use after free in tcp_v6_do_rcv 2013-09-14 06:54:56 -07:00
ipx hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
irda net: irda: using kzalloc() instead of kmalloc() to avoid strncpy() issue. 2013-05-19 15:10:47 -07:00
iucv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-04-22 20:32:51 -04:00
key af_key: more info leaks in pfkey messages 2013-08-11 18:35:25 -07:00
l2tp l2tp: add missing .owner to struct pppox_proto 2013-07-28 16:29:49 -07:00
lapb
llc llc: Fix missing msg_namelen update in llc_ui_recvmsg() 2013-04-07 16:28:01 -04:00
mac80211 mac80211: add a flag to indicate CCK support for HT clients 2013-09-07 22:09:59 -07:00
mac802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-04-30 03:55:20 -04:00
netfilter netfilter: ipset: Fix serious failure in CIDR tracking 2013-10-01 09:17:48 -07:00
netlabel netlabel: improve domain mapping validation 2013-05-19 14:49:55 -07:00
netlink genl: Hold reference on correct module while netlink-dump. 2013-09-14 06:54:55 -07:00
netrom netrom: info leak in ->getname() 2013-04-25 01:47:58 -04:00
nfc NFC: llcp: Fix non blocking sockets connections 2013-08-29 09:47:30 -07:00
openvswitch openvswitch: Remove unneeded ovs_netdev_get_ifindex() 2013-04-30 00:19:11 -04:00
packet packet: restore packet statistics tp_packets to include drops 2013-09-14 06:54:55 -07:00
phonet rtnetlink: Remove passing of attributes into rtnl_doit functions 2013-03-22 10:31:16 -04:00
rds net/rds: zero last byte for strncpy 2013-03-08 00:35:44 -05:00
rfkill Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next 2013-04-22 14:58:14 -04:00
rose rose: fix info leak via msg_name in rose_recvmsg() 2013-04-07 16:28:02 -04:00
rxrpc Driver core patches for 3.9-rc1 2013-02-21 12:05:51 -08:00
sched net_sched: restore "linklayer atm" handling 2013-09-14 06:54:55 -07:00
sctp sctp: fully initialize sctp_outq in sctp_outq_init 2013-06-13 18:05:24 -07:00
sunrpc rpc: let xdr layer allocate gssproxy receive pages 2013-10-01 09:17:48 -07:00
tipc tipc: set sk_err correctly when connection fails 2013-09-14 06:54:56 -07:00
unix af_unix: fix a fatal race with bit fields 2013-05-01 15:13:49 -04:00
vmw_vsock Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-04-30 03:55:20 -04:00
wimax
wireless nl80211: fix another nl80211_fam.attrbuf race 2013-08-20 08:43:04 -07:00
x25 x25: Fix broken locking in ioctl error paths. 2013-07-28 16:29:45 -07:00
xfrm xfrm: force a garbage collection after deleting a policy 2013-05-31 17:30:07 -07:00
compat.c net: Unbreak compat_sys_{send,recv}msg 2013-06-06 11:52:14 -07:00
Kconfig netlink: kconfig: move mmap i/o into netlink kconfig 2013-05-01 15:02:42 -04:00
Makefile
nonet.c
socket.c net: Unbreak compat_sys_{send,recv}msg 2013-06-06 11:52:14 -07:00
sysctl_net.c