diff options
author | Liping Zhang <liping.zhang@spreadtrum.com> | 2016-06-11 12:20:26 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-06-15 12:17:23 +0200 |
commit | a46844021f6182cca7b575295ba33a4734b1b9d9 (patch) | |
tree | 7a7e003bd5f68e3e056edec1155e2805a526bb96 /net | |
parent | 775711497202fe376368c25b0c7296ed8803e0ba (diff) | |
download | linux-a46844021f6182cca7b575295ba33a4734b1b9d9.tar.gz linux-a46844021f6182cca7b575295ba33a4734b1b9d9.tar.bz2 linux-a46844021f6182cca7b575295ba33a4734b1b9d9.zip |
netfilter: nf_tables: fix wrong check of NFT_SET_MAP in nf_tables_bind_set
We should check "i" is used as a dictionary or not, "binding" is already
checked before.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nf_tables_api.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 7b7aa871a174..492f6f8efdda 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -2946,7 +2946,7 @@ int nf_tables_bind_set(const struct nft_ctx *ctx, struct nft_set *set, * jumps are already validated for that chain. */ list_for_each_entry(i, &set->bindings, list) { - if (binding->flags & NFT_SET_MAP && + if (i->flags & NFT_SET_MAP && i->chain == binding->chain) goto bind; } |