diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-09-04 15:45:59 (GMT) |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-09-21 19:51:34 (GMT) |
commit | b9fed748185a96b7cfe74afac4bd228e8af16f01 (patch) | |
tree | 6186be239aee023c11897c2bbde070d32fee0abe /net/netfilter/ipset/ip_set_bitmap_ipmac.c | |
parent | 6e27c9b4ee8f348770be5751e6a845ff52a31e19 (diff) | |
download | linux-b9fed748185a96b7cfe74afac4bd228e8af16f01.tar.xz |
netfilter: ipset: Check and reject crazy /0 input parameters
bitmap:ip and bitmap:ip,mac type did not reject such a crazy range
when created and using such a set results in a kernel crash.
The hash types just silently ignored such parameters.
Reject invalid /0 input parameters explicitely.
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'net/netfilter/ipset/ip_set_bitmap_ipmac.c')
-rw-r--r-- | net/netfilter/ipset/ip_set_bitmap_ipmac.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/net/netfilter/ipset/ip_set_bitmap_ipmac.c index d7eaf10..6819d3c 100644 --- a/net/netfilter/ipset/ip_set_bitmap_ipmac.c +++ b/net/netfilter/ipset/ip_set_bitmap_ipmac.c @@ -557,7 +557,8 @@ static int bitmap_ipmac_create(struct ip_set *set, struct nlattr *tb[], u32 flags) { - u32 first_ip, last_ip, elements; + u32 first_ip, last_ip; + u64 elements; struct bitmap_ipmac *map; int ret; @@ -588,7 +589,7 @@ bitmap_ipmac_create(struct ip_set *set, struct nlattr *tb[], } else return -IPSET_ERR_PROTOCOL; - elements = last_ip - first_ip + 1; + elements = (u64)last_ip - first_ip + 1; if (elements > IPSET_BITMAP_MAX_RANGE + 1) return -IPSET_ERR_BITMAP_RANGE_SIZE; |