]> git.ipfire.org Git - thirdparty/ipset.git/commit
projects / thirdparty / ipset.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 578462f) | patch
Limit the maximal range of consecutive elements to add/delete
authorJozsef Kadlecsik <kadlec@netfilter.org>
Wed, 14 Jul 2021 10:37:07 +0000 (12:37 +0200)
committerJozsef Kadlecsik <kadlec@netfilter.org>
Wed, 14 Jul 2021 10:40:49 +0000 (12:40 +0200)
commit15932461c91e8aedf54e885d429b954b439605d2
tree23bed1696242969f326735a809da308b94ff5cd6tree
parent578462f89dab9d91c38f74a93bc6855ced11ea3ccommit | diff
Limit the maximal range of consecutive elements to add/delete

The range size of consecutive elements were not limited. Thus one
could define a huge range which may result soft lockup errors due
to the long execution time. Now the range size is limited to 2^20
entries. Reported by Brad Spengler.

Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
kernel/include/linux/netfilter/ipset/ip_set.h diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_ip.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_ipmark.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_ipport.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_ipportip.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_ipportnet.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_net.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_netiface.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_netnet.c diff | blob | blame | history
kernel/net/netfilter/ipset/ip_set_hash_netportnet.c diff | blob | blame | history
lib/errcode.c diff | blob | blame | history
Mirror of git://git.netfilter.org/ipset