[Bug 1199] nft_set_hash fast lookup broken for 2 byte keys

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sun Oct 29 13:03:26 CET 2017


https://bugzilla.netfilter.org/show_bug.cgi?id=1199

--- Comment #1 from Jindřich Makovička <makovick at gmail.com> ---
When searching for this bug, I also found this piece of code in 
nft_hash_deactivate():

    hlist_for_each_entry(he, &priv->table[hash], node) {
        if (!memcmp(nft_set_ext_key(&this->ext), &elem->key.val,
                set->klen) ||
            nft_set_elem_active(&he->ext, genmask)) {
            nft_set_elem_change_active(net, set, &he->ext);
            return he;
        }
    }

The logical OR looks fishy to me. Shouldn't be && there instead?

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20171029/22802ce1/attachment.html>


More information about the netfilter-buglog mailing list