[netfilter-cvslog] r6707 - in trunk/patch-o-matic-ng/patchlets/set:
linux/net/ipv4/netfilter linux-2.6/net/ipv4/netfilter
kadlec at netfilter.org
kadlec at netfilter.org
Mon Dec 11 10:36:42 CET 2006
Author: kadlec at netfilter.org
Date: 2006-12-11 10:36:41 +0100 (Mon, 11 Dec 2006)
New Revision: 6707
Modified:
trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c
trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c
trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c
trunk/patch-o-matic-ng/patchlets/set/linux/net/ipv4/netfilter/ip_set.c
Log:
Uninitialized structure elements at 'save' fixed
plus 2.6.19 compatibility fixes.
Modified: trunk/patch-o-matic-ng/patchlets/set/linux/net/ipv4/netfilter/ip_set.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/set/linux/net/ipv4/netfilter/ip_set.c 2006-12-09 13:06:04 UTC (rev 6706)
+++ trunk/patch-o-matic-ng/patchlets/set/linux/net/ipv4/netfilter/ip_set.c 2006-12-11 09:36:41 UTC (rev 6707)
@@ -1236,6 +1236,8 @@
/* Marker */
set_save = (struct ip_set_save *) (data + *used);
set_save->index = IP_SET_INVALID_ID;
+ set_save->header_size = 0;
+ set_save->members_size = 0;
*used += sizeof(struct ip_set_save);
DP("marker added used %u, len %u", *used, len);
Modified: trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c 2006-12-09 13:06:04 UTC (rev 6706)
+++ trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ip_set.c 2006-12-11 09:36:41 UTC (rev 6707)
@@ -9,7 +9,10 @@
/* Kernel module for IP set management */
+#include <linux/version.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
#include <linux/config.h>
+#endif
#include <linux/module.h>
#include <linux/moduleparam.h>
#include <linux/kmod.h>
@@ -25,9 +28,8 @@
#include <linux/spinlock.h>
#include <linux/vmalloc.h>
-#define ASSERT_READ_LOCK(x) /* dont use that */
+#define ASSERT_READ_LOCK(x)
#define ASSERT_WRITE_LOCK(x)
-#include <linux/netfilter_ipv4/listhelp.h>
#include <linux/netfilter_ipv4/ip_set.h>
static struct list_head set_type_list; /* all registered sets */
@@ -69,11 +71,16 @@
* Binding routines
*/
-static inline int
-ip_hash_cmp(const struct ip_set_hash *set_hash,
- ip_set_id_t id, ip_set_ip_t ip)
+static inline struct ip_set_hash *
+__ip_set_find(u_int32_t key, ip_set_id_t id, ip_set_ip_t ip)
{
- return set_hash->id == id && set_hash->ip == ip;
+ struct ip_set_hash *set_hash;
+
+ list_for_each_entry(set_hash, &ip_set_hash[key], list)
+ if (set_hash->id == id && set_hash->ip == ip)
+ return set_hash;
+
+ return NULL;
}
static ip_set_id_t
@@ -87,8 +94,7 @@
IP_SET_ASSERT(ip_set_list[id]);
DP("set: %s, ip: %u.%u.%u.%u", ip_set_list[id]->name, HIPQUAD(ip));
- set_hash = LIST_FIND(&ip_set_hash[key], ip_hash_cmp,
- struct ip_set_hash *, id, ip);
+ set_hash = __ip_set_find(key, id, ip);
DP("set: %s, ip: %u.%u.%u.%u, binding: %s", ip_set_list[id]->name,
HIPQUAD(ip),
@@ -118,8 +124,7 @@
IP_SET_ASSERT(ip_set_list[id]);
DP("set: %s, ip: %u.%u.%u.%u", ip_set_list[id]->name, HIPQUAD(ip));
write_lock_bh(&ip_set_lock);
- set_hash = LIST_FIND(&ip_set_hash[key], ip_hash_cmp,
- struct ip_set_hash *, id, ip);
+ set_hash = __ip_set_find(key, id, ip);
DP("set: %s, ip: %u.%u.%u.%u, binding: %s", ip_set_list[id]->name,
HIPQUAD(ip),
set_hash != NULL ? ip_set_list[set_hash->binding]->name : "");
@@ -143,8 +148,7 @@
DP("set: %s, ip: %u.%u.%u.%u, binding: %s", ip_set_list[id]->name,
HIPQUAD(ip), ip_set_list[binding]->name);
write_lock_bh(&ip_set_lock);
- set_hash = LIST_FIND(&ip_set_hash[key], ip_hash_cmp,
- struct ip_set_hash *, id, ip);
+ set_hash = __ip_set_find(key, id, ip);
if (!set_hash) {
set_hash = kmalloc(sizeof(struct ip_set_hash), GFP_KERNEL);
if (!set_hash) {
@@ -285,19 +289,15 @@
/* Register and deregister settype */
-static inline int
-set_type_equal(const struct ip_set_type *set_type, const char *str2)
-{
- return !strncmp(set_type->typename, str2, IP_SET_MAXNAMELEN - 1);
-}
-
static inline struct ip_set_type *
find_set_type(const char *name)
{
- return LIST_FIND(&set_type_list,
- set_type_equal,
- struct ip_set_type *,
- name);
+ struct ip_set_type *set_type;
+
+ list_for_each_entry(set_type, &set_type_list, list)
+ if (!strncmp(set_type->typename, name, IP_SET_MAXNAMELEN - 1))
+ return set_type;
+ return NULL;
}
int
@@ -325,7 +325,7 @@
ret = -EFAULT;
goto unlock;
}
- list_append(&set_type_list, set_type);
+ list_add(&set_type->list, &set_type_list);
DP("'%s' registered.", set_type->typename);
unlock:
write_unlock_bh(&ip_set_lock);
@@ -341,7 +341,7 @@
set_type->typename);
goto unlock;
}
- LIST_DELETE(&set_type_list, set_type);
+ list_del(&set_type->list);
module_put(THIS_MODULE);
DP("'%s' unregistered.", set_type->typename);
unlock:
@@ -1161,8 +1161,8 @@
set->type->list_header(set, data + *used);
*used += set_save->header_size;
- DP("set header filled: %s, used: %u %p %p", set->name, *used,
- data, data + *used);
+ DP("set header filled: %s, used: %u(%u) %p %p", set->name, *used,
+ set_save->header_size, data, data + *used);
/* Get and ensure set specific members size */
set_save->members_size = set->type->list_members_size(set);
if (*used + set_save->members_size > len)
@@ -1172,8 +1172,8 @@
set->type->list_members(set, data + *used);
*used += set_save->members_size;
read_unlock_bh(&set->lock);
- DP("set members filled: %s, used: %u %p %p", set->name, *used,
- data, data + *used);
+ DP("set members filled: %s, used: %u(%u) %p %p", set->name, *used,
+ set_save->members_size, data, data + *used);
return 0;
unlock_set:
@@ -1223,6 +1223,8 @@
/* Marker */
set_save = (struct ip_set_save *) (data + *used);
set_save->index = IP_SET_INVALID_ID;
+ set_save->header_size = 0;
+ set_save->members_size = 0;
*used += sizeof(struct ip_set_save);
DP("marker added used %u, len %u", *used, len);
Modified: trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c 2006-12-09 13:06:04 UTC (rev 6706)
+++ trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_SET.c 2006-12-11 09:36:41 UTC (rev 6707)
@@ -33,8 +33,12 @@
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
const struct xt_target *target,
#endif
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
const void *targinfo,
void *userinfo)
+#else
+ const void *targinfo)
+#endif
{
const struct ipt_set_info_target *info = targinfo;
@@ -61,13 +65,16 @@
const struct xt_target *target,
#endif
void *targinfo,
- unsigned int targinfosize, unsigned int hook_mask)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
+ unsigned int targinfosize,
+#endif
+ unsigned int hook_mask)
{
struct ipt_set_info_target *info =
(struct ipt_set_info_target *) targinfo;
ip_set_id_t index;
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
if (targinfosize != IPT_ALIGN(sizeof(*info))) {
DP("bad target info size %u", targinfosize);
return 0;
@@ -104,15 +111,20 @@
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
const struct xt_target *target,
#endif
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
void *targetinfo, unsigned int targetsize)
+#else
+ void *targetinfo)
+#endif
{
struct ipt_set_info_target *info = targetinfo;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
if (targetsize != IPT_ALIGN(sizeof(struct ipt_set_info_target))) {
ip_set_printk("invalid targetsize %d", targetsize);
return;
}
-
+#endif
if (info->add_set.index != IP_SET_INVALID_ID)
ip_set_put(info->add_set.index);
if (info->del_set.index != IP_SET_INVALID_ID)
Modified: trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c 2006-12-09 13:06:04 UTC (rev 6706)
+++ trunk/patch-o-matic-ng/patchlets/set/linux-2.6/net/ipv4/netfilter/ipt_set.c 2006-12-11 09:36:41 UTC (rev 6707)
@@ -61,14 +61,16 @@
const struct xt_match *match,
#endif
void *matchinfo,
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
unsigned int matchsize,
+#endif
unsigned int hook_mask)
{
struct ipt_set_info_match *info =
(struct ipt_set_info_match *) matchinfo;
ip_set_id_t index;
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
ip_set_printk("invalid matchsize %d", matchsize);
return 0;
@@ -94,15 +96,20 @@
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
const struct xt_match *match,
#endif
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
void *matchinfo, unsigned int matchsize)
+#else
+ void *matchinfo)
+#endif
{
struct ipt_set_info_match *info = matchinfo;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
ip_set_printk("invalid matchsize %d", matchsize);
return;
}
-
+#endif
ip_set_put(info->match_set.index);
}
More information about the netfilter-cvslog
mailing list