This patch permits to copy the last char of the set name
that's currently excluded.
nft add table ip test
nft add chain ip test filter {type filter hook input priority 0 \; }
nft add set ip test thisnamewith0016 { type ipv4_address\;}
nft list table ip test
table ip test {
set thisnamewith0016 {
type ipv4_address
}
chain filter {
type filter hook input priority 0;
}
}
Signed-off-by: Giuseppe Longo <giuseppelng@xxxxxxxxx>
---
net/netfilter/nf_tables_api.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index adce01e..a0da542 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -2018,7 +2018,7 @@ static int nf_tables_set_alloc_name(struct nft_ctx *ctx, struct nft_set *set,
free_page((unsigned long)inuse);
}
- snprintf(set->name, sizeof(set->name), name, n);
+ snprintf(set->name, sizeof(set->name)+1, name, n);
list_for_each_entry(i, &ctx->table->sets, list) {
if (!strcmp(set->name, i->name))
return -ENFILE;
@@ -2399,7 +2399,7 @@ static int nf_tables_newset(struct sock *nlsk, struct sk_buff *skb,
if (set == NULL)
goto err1;
- nla_strlcpy(name, nla[NFTA_SET_NAME], sizeof(set->name));
+ nla_strlcpy(name, nla[NFTA_SET_NAME], sizeof(set->name)+1);
err = nf_tables_set_alloc_name(&ctx, set, name);
if (err < 0)
goto err2;
--
1.8.3.2
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
