Patchwork [2/3] ipset: Fix malformed output from list/save for ICMP types in port field.

login
register
mail settings
Submitter Sergey Popovich
Date Nov. 7, 2013, 10:56 a.m.
Message ID <2351390.3tInbbydSl@tuxracer>
Download mbox | patch
Permalink /patch/289290/
State Awaiting Upstream
Delegated to: Jozsef Kadlecsik
Headers show

Comments

Sergey Popovich - Nov. 7, 2013, 10:56 a.m.
Found with ipset 6.12.1, but upstream version is still affected.

Creating set of dimension three, adding elements to it and then
displaying gives following results:
-----------------------------------

 # ipset create test-1 hash:ip,port,ip
 # ipset add test-1 192.0.2.1,icmp:echo-request,192.0.2.1
 # ipset add test-1 192.0.2.1,icmp:ttl-zero-during-reassembly,192.0.2.1
 # ipset list test-1
 Name: test-1
 Type: hash:ip,port,ip
 Header: family inet hashsize 1024 maxelem 65536
 Size in memory: 16608
 References: 0
 Members:
 192.0.2.1,icmp:ttl-zero-during-reass,192.0.2.1
 192.0.2.1,icmp:echo-re,192.0.2.1

Same results with -output save|xml.

ipset_print_proto_port() from lib/print.c returns incorrect length
of printed string when ICMP/ICMPv6 specified in port field.

Signed-off-by: Sergey Popovich <popovich_sergei@mail.ru>
---
 lib/print.c |    8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
Jozsef Kadlecsik - Nov. 11, 2013, 9:35 p.m.
On Thu, 7 Nov 2013, Sergey Popovich wrote:

> Found with ipset 6.12.1, but upstream version is still affected.
> 
> Creating set of dimension three, adding elements to it and then
> displaying gives following results:
> -----------------------------------
> 
>  # ipset create test-1 hash:ip,port,ip
>  # ipset add test-1 192.0.2.1,icmp:echo-request,192.0.2.1
>  # ipset add test-1 192.0.2.1,icmp:ttl-zero-during-reassembly,192.0.2.1
>  # ipset list test-1
>  Name: test-1
>  Type: hash:ip,port,ip
>  Header: family inet hashsize 1024 maxelem 65536
>  Size in memory: 16608
>  References: 0
>  Members:
>  192.0.2.1,icmp:ttl-zero-during-reass,192.0.2.1
>  192.0.2.1,icmp:echo-re,192.0.2.1
> 
> Same results with -output save|xml.
> 
> ipset_print_proto_port() from lib/print.c returns incorrect length
> of printed string when ICMP/ICMPv6 specified in port field.

Patch is applied, thanks.

Best regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlecsik.jozsef@wigner.mta.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
          H-1525 Budapest 114, POB. 49, Hungary
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/lib/print.c b/lib/print.c
index abdfd34..6988fdf 100644
--- a/lib/print.c
+++ b/lib/print.c
@@ -709,18 +709,20 @@  ipset_print_proto_port(char *buf, unsigned int len,
 		case IPPROTO_UDPLITE:
 			break;
 		case IPPROTO_ICMP:
-			return ipset_print_icmp(buf + offset, len, data,
+			size = ipset_print_icmp(buf + offset, len, data,
 						IPSET_OPT_PORT, env);
+			goto out;
 		case IPPROTO_ICMPV6:
-			return ipset_print_icmpv6(buf + offset, len, data,
+			size = ipset_print_icmpv6(buf + offset, len, data,
 						  IPSET_OPT_PORT, env);
+			goto out;
 		default:
 			break;
 		}
 	}
 	size = ipset_print_port(buf + offset, len, data, IPSET_OPT_PORT, env);
+out:
 	SNPRINTF_FAILURE(size, len, offset);
-
 	return offset;
 }