[Bug 1707] iptables-extensions man page misleading for --to

bugzilla-daemon at netfilter.org
Tue Sep 26 17:55:25 CEST 2023


https://bugzilla.netfilter.org/show_bug.cgi?id=1707

--- Comment #3 from Phil Sutter <phil at nwl.cc> ---
(In reply to Pablo Neira Ayuso from comment #2)
> (In reply to Phil Sutter from comment #1)
> > Pablo, am I on the right track? Could you please review?
> 
> According to the code:
> 
[...]
>         ret = textsearch_find(config, &state);
>         return (ret <= to - from ? ret : UINT_MAX);
[...]
> commit f72b948dcbb8558d639214536c2ace1b0760f41d
> Author: Phil Oester <kernel at linuxace.com>
> Date:   Mon Jun 26 00:00:57 2006 -0700
> 
>     [NET]: skb_find_text ignores to argument

Ah, thanks for digging this up! IIUC, it merely asserts that the start of the
matching string lies within the given boundaries; it may still extend past
the end.

Is my interpretation of skb_seq_read() right, though, that specifying too
narrow a range could lead to a false negative? In other words, does 'from - to'
have to include the pattern's length?
