From: Pablo Neira Ayuso pablo@netfilter.org
commit 271c5ca826e0c3c53e0eb4032f8eaedea1ee391c upstream.
While looping to build the bitmap of used anonymous set names, check the current set in the iteration, instead of the one that is being created.
Fixes: 37a9cc525525 ("netfilter: nf_tables: add generation mask to sets") Signed-off-by: Pablo Neira Ayuso pablo@netfilter.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- net/netfilter/nf_tables_api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
--- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -3253,7 +3253,7 @@ cont: list_for_each_entry(i, &ctx->table->sets, list) { int tmp;
- if (!nft_is_active_next(ctx->net, set)) + if (!nft_is_active_next(ctx->net, i)) continue; if (!sscanf(i->name, name, &tmp)) continue;