netfilter: xt_limit: have r->cost != 0 case work
Commit v2.6.19-rc1~1272^2~41 tells us that r->cost != 0 can happen when a running state is saved to userspace and then reinstated from there. Make sure that private xt_limit area is initialized with correct values. Otherwise, random matchings due to use of uninitialized memory. Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
3e10986d1d
commit
82e6bfe2fb
@ -117,11 +117,11 @@ static int limit_mt_check(const struct xt_mtchk_param *par)
|
||||
|
||||
/* For SMP, we only want to use one set of state. */
|
||||
r->master = priv;
|
||||
/* User avg in seconds * XT_LIMIT_SCALE: convert to jiffies *
|
||||
128. */
|
||||
priv->prev = jiffies;
|
||||
priv->credit = user2credits(r->avg * r->burst); /* Credits full. */
|
||||
if (r->cost == 0) {
|
||||
/* User avg in seconds * XT_LIMIT_SCALE: convert to jiffies *
|
||||
128. */
|
||||
priv->prev = jiffies;
|
||||
priv->credit = user2credits(r->avg * r->burst); /* Credits full. */
|
||||
r->credit_cap = priv->credit; /* Credits full. */
|
||||
r->cost = user2credits(r->avg);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user