netfilter: ipset: Fix forceadd evaluation path

commit 8af1c6fbd9239877998c7f5a591cb2c88d41fb66 upstream. When the forceadd option is enabled, the hash:* types should find and replace the first entry in the bucket with the new one if there are no reuseable (deleted or timed out) entries. However, the position index was just not set to zero and remained the invalid -1 if there were no reuseable entries. Reported-by: syzbot+6a86565c74ebe30aea18@syzkaller.appspotmail.com Fixes: 23c42a403a9c ("netfilter: ipset: Introduction of new commands and protocol version 7") Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Jozsef Kadlecsik <kadlec@netfilter.org> 2020-02-22 12:01:43 +0100
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-03-05 16:43:44 +0100
commit: 6c717726f341fd8f39a3ec2dcf5d98d9d28a2769 (patch)
tree: 7c37788a851308f2310d5cc369cc8be5f44cfc7a /net/netfilter/ipset
parent: f09fbb1175cffdbbb36b28e2ff7db96dcc90de08 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/net/netfilter/ipset/ip_set_hash_gen.h b/net/netfilter/ipset/ip_set_hash_gen.h
index 2ac28c5c7e95..2389c9f89e48 100644
--- a/net/netfilter/ipset/ip_set_hash_gen.h
+++ b/net/netfilter/ipset/ip_set_hash_gen.h
@@ -931,6 +931,8 @@ mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext,
 		}
 	}
 	if (reuse || forceadd) {
+		if (j == -1)
+			j = 0;
 		data = ahash_data(n, j, set->dsize);
 		if (!deleted) {
 #ifdef IP_SET_HASH_WITH_NETS
author	Jozsef Kadlecsik <kadlec@netfilter.org>	2020-02-22 12:01:43 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-03-05 16:43:44 +0100
commit	6c717726f341fd8f39a3ec2dcf5d98d9d28a2769 (patch)
tree	7c37788a851308f2310d5cc369cc8be5f44cfc7a /net/netfilter/ipset
parent	f09fbb1175cffdbbb36b28e2ff7db96dcc90de08 (diff)