提交 98a0824a 编写于 作者: A Al Viro 提交者: David S. Miller

[EBTABLES]: Deal with the worst-case behaviour in loop checks.

No need to revisit a chain we'd already finished with during
the check for current hook.  It's either instant loop (which
we'd just detected) or a duplicate work.
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 40642f95
...@@ -717,7 +717,9 @@ static int check_chainloops(struct ebt_entries *chain, struct ebt_cl_stack *cl_s ...@@ -717,7 +717,9 @@ static int check_chainloops(struct ebt_entries *chain, struct ebt_cl_stack *cl_s
BUGPRINT("loop\n"); BUGPRINT("loop\n");
return -1; return -1;
} }
/* this can't be 0, so the above test is correct */ if (cl_s[i].hookmask & (1 << hooknr))
goto letscontinue;
/* this can't be 0, so the loop test is correct */
cl_s[i].cs.n = pos + 1; cl_s[i].cs.n = pos + 1;
pos = 0; pos = 0;
cl_s[i].cs.e = ((void *)e + e->next_offset); cl_s[i].cs.e = ((void *)e + e->next_offset);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册