netfilter: nf_tables: really skip inactive sets when allocating name

While looping to build the bitmap of used anonymous set names, check the current set in the iteration, instead of the one that is being created. Fixes: 37a9cc52 ("netfilter: nf_tables: add generation mask to sets") Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>

netfilter: nf_tables: really skip inactive sets when allocating name
While looping to build the bitmap of used anonymous set names, check the current set in the iteration, instead of the one that is being created. Fixes: 37a9cc52 ("netfilter: nf_tables: add generation mask to sets") Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>
271c5ca8 · Pablo Neira Ayuso · 0b2f3212 · 271c5ca8
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

net/netfilter/nf_tables_api.c net/netfilter/nf_tables_api.c +1 -1

未找到文件。
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3907,7 +3907,7 @@ static int nf_tables_set_alloc_name(struct nft_ctx *ctx, struct nft_set *set,
 		list_for_each_entry(i, &ctx->table->sets, list) {
 			int tmp;

-			if (!nft_is_active_next(ctx->net, set))
+			if (!nft_is_active_next(ctx->net, i))
 				continue;
 			if (!sscanf(i->name, name, &tmp))
 				continue;