On Wed, May 25, 2016 at 11:13:57AM +0200, Pablo Neira Ayuso wrote:
> Compare the helper name up to the dash, so we can catch if the user has
> supplied duplicated ports via module parameters.
>
> Reported-by: Feng Gao <gfree.wind@xxxxxxxxx>
> Reported-by: Taehee Yoo <ap420073@xxxxxxxxx>
> Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> ---
> net/netfilter/nf_conntrack_helper.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c
> index 3b40ec5..94f36f2 100644
> --- a/net/netfilter/nf_conntrack_helper.c
> +++ b/net/netfilter/nf_conntrack_helper.c
> @@ -361,9 +361,10 @@ EXPORT_SYMBOL_GPL(nf_ct_helper_log);
>
> int nf_conntrack_helper_register(struct nf_conntrack_helper *me)
> {
> - int ret = 0;
> struct nf_conntrack_helper *cur;
> unsigned int h = helper_hash(&me->tuple);
> + const char *slash;
> + int len, ret = 0;
>
> BUG_ON(me->expect_policy == NULL);
> BUG_ON(me->expect_class_max >= NF_CT_MAX_EXPECT_CLASSES);
> @@ -371,7 +372,13 @@ int nf_conntrack_helper_register(struct nf_conntrack_helper *me)
>
> mutex_lock(&nf_ct_helper_mutex);
> hlist_for_each_entry(cur, &nf_ct_helper_hash[h], hnode) {
> - if (strncmp(cur->name, me->name, NF_CT_HELPER_NAME_LEN) == 0 &&
> + slash = strchr(cur->name, '-');
I'm discarding this, we have a valid helper using dash in the name.
net/netfilter/nf_conntrack_netbios_ns.c: .name = "netbios-ns",
Will send a new version of this patch.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
