netfilter: nf_tables: fix wrong check of NFT_SET_MAP in nf_tables_bind_set

We should check "i" is used as a dictionary or not, "binding" is already checked before. Signed-off-by: N Liping Zhang <liping.zhang@spreadtrum.com> Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>

netfilter: nf_tables: fix wrong check of NFT_SET_MAP in nf_tables_bind_set
We should check "i" is used as a dictionary or not, "binding" is already checked before. Signed-off-by: N Liping Zhang <liping.zhang@spreadtrum.com> Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>
a4684402 · Liping Zhang · Pablo Neira Ayuso · 77571149 · a4684402
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

net/netfilter/nf_tables_api.c net/netfilter/nf_tables_api.c +1 -1

未找到文件。
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -2946,7 +2946,7 @@ int nf_tables_bind_set(const struct nft_ctx *ctx, struct nft_set *set,
 		 * jumps are already validated for that chain.
 		 */
 		list_for_each_entry(i, &set->bindings, list) {
-			if (binding->flags & NFT_SET_MAP &&
+			if (i->flags & NFT_SET_MAP &&
 			    i->chain == binding->chain)
 				goto bind;
 		}