From patchwork Fri Jun 29 19:42:28 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jozsef Kadlecsik X-Patchwork-Id: 168255 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id B7E6BB6F6E for ; Sat, 30 Jun 2012 05:42:46 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756124Ab2F2Tmb (ORCPT ); Fri, 29 Jun 2012 15:42:31 -0400 Received: from smtp-in.kfki.hu ([148.6.0.28]:54332 "EHLO smtp2.kfki.hu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754671Ab2F2Tma (ORCPT ); Fri, 29 Jun 2012 15:42:30 -0400 Received: from localhost (localhost [127.0.0.1]) by smtp2.kfki.hu (Postfix) with ESMTP id 5F0231F40AD; Fri, 29 Jun 2012 21:42:29 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at smtp2.kfki.hu Received: from smtp2.kfki.hu ([127.0.0.1]) by localhost (smtp2.kfki.hu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yYEJn8p-gcDs; Fri, 29 Jun 2012 21:42:29 +0200 (CEST) Received: from blackhole.kfki.hu (blackhole.kfki.hu [148.6.0.114]) by smtp2.kfki.hu (Postfix) with ESMTP id 0FD501F40AC; Fri, 29 Jun 2012 21:42:29 +0200 (CEST) Received: by blackhole.kfki.hu (Postfix, from userid 1000) id F393F20818F; Fri, 29 Jun 2012 21:42:28 +0200 (CEST) From: Jozsef Kadlecsik To: netfilter-devel@vger.kernel.org Cc: Pablo Neira Ayuso , Jozsef Kadlecsik Subject: [PATCH 1/1] Timeout fixing bug broke SET target special timeout value, fixed Date: Fri, 29 Jun 2012 21:42:28 +0200 Message-Id: <1340998948-29672-2-git-send-email-kadlec@blackhole.kfki.hu> X-Mailer: git-send-email 1.7.0.4 In-Reply-To: <1340998948-29672-1-git-send-email-kadlec@blackhole.kfki.hu> References: <1340998948-29672-1-git-send-email-kadlec@blackhole.kfki.hu> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The patch "Fix timeout value overflow bug at large timeout parameters" broke the SET target when no timeout was specified (reported by Jean-Philippe Menil). Signed-off-by: Jozsef Kadlecsik --- net/netfilter/xt_set.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/net/netfilter/xt_set.c b/net/netfilter/xt_set.c index 035960e..b172cbc 100644 --- a/net/netfilter/xt_set.c +++ b/net/netfilter/xt_set.c @@ -16,6 +16,7 @@ #include #include +#include MODULE_LICENSE("GPL"); MODULE_AUTHOR("Jozsef Kadlecsik "); @@ -310,7 +311,8 @@ set_target_v2(struct sk_buff *skb, const struct xt_action_param *par) info->del_set.flags, 0, UINT_MAX); /* Normalize to fit into jiffies */ - if (add_opt.timeout > UINT_MAX/MSEC_PER_SEC) + if (add_opt.timeout != IPSET_NO_TIMEOUT + && add_opt.timeout > UINT_MAX/MSEC_PER_SEC) add_opt.timeout = UINT_MAX/MSEC_PER_SEC; if (info->add_set.index != IPSET_INVALID_ID) ip_set_add(info->add_set.index, skb, par, &add_opt);