From: Patrick McHardy <kaber@trash.net>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org,
bugme-daemon@bugzilla.kernel.org, joe-lk@ttdpatch.net
Subject: Re: [Bugme-new] [Bug 12753] New: /proc/net/xt_recent/: +IP / -IP commands broken for IPv4
Date: Wed, 25 Feb 2009 06:04:09 +0100 [thread overview]
Message-ID: <49A4D149.7070101@trash.net> (raw)
In-Reply-To: <20090224125830.e89f28c5.akpm@linux-foundation.org>
Andrew Morton wrote:
> (switched to email. Please respond via emailed reply-to-all, not via the
> bugzilla web interface).
>>
>> Latest working kernel version: up to at least 2.6.24
>> Earliest failing kernel version: first noticed with upgrade to 2.6.28
>
> So it's a regression?
Yes. The fix is on its way upstream.
>> Possible solutions:
>> - initialize the addr variable in recent_mt_proc_write
>> - compare only 4 bytes for IPv4 addresses in recent_entry_lookup
>>
>> Simplest fix:
>> --- linux-2.6.28.7/net/netfilter/xt_recent.c.org 2009-02-22
>> 17:34:19.000000000 +0100
>> +++ linux-2.6.28.7/net/netfilter/xt_recent.c 2009-02-22 17:34:21.000000000
>> +0100
>> @@ -544,7 +544,7 @@
>> struct recent_entry *e;
>> char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:5afe:c0de")];
>> const char *c = buf;
>> - union nf_inet_addr addr;
>> + union nf_inet_addr addr = {};
>> u_int16_t family;
>> bool add, succ;
>>
>
> hm, that function does some pretty ugly things.
>
> I wonder if the same bug exists elsewhere (or might do so in the
> future). A more general fix would be to write a new
> in6_to_nf_inet_addr() and in4_to_nf_inet_addr() which correctly
> initialise the whole union.
I don't think thats necessary, there are no intentions of adding
more text-based interfaces.
prev parent reply other threads:[~2009-02-25 5:04 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <bug-12753-10286@http.bugzilla.kernel.org/>
2009-02-24 20:58 ` [Bugme-new] [Bug 12753] New: /proc/net/xt_recent/: +IP / -IP commands broken for IPv4 Andrew Morton
2009-02-25 5:04 ` Patrick McHardy [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49A4D149.7070101@trash.net \
--to=kaber@trash.net \
--cc=akpm@linux-foundation.org \
--cc=bugme-daemon@bugzilla.kernel.org \
--cc=joe-lk@ttdpatch.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).