diff options
author | Junwei Hu <hujunwei4@huawei.com> | 2019-08-01 00:03:30 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-08-03 18:39:16 +0200 |
commit | 1b90af292e71b20d03b837d39406acfbdc5d4b2a (patch) | |
tree | 938c76930b716c816fd8d8ba29b1e7398e268490 /net/netfilter/ipset | |
parent | e84fb4b3666dabd3917952fb33588daa891a6ad3 (diff) |
ipvs: Improve robustness to the ipvs sysctl
The ipvs module parse the user buffer and save it to sysctl,
then check if the value is valid. invalid value occurs
over a period of time.
Here, I add a variable, struct ctl_table tmp, used to read
the value from the user buffer, and save only when it is valid.
I delete proc_do_sync_mode and use extra1/2 in table for the
proc_dointvec_minmax call.
Fixes: f73181c8288f ("ipvs: add support for sync threads")
Signed-off-by: Junwei Hu <hujunwei4@huawei.com>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/ipset')
0 files changed, 0 insertions, 0 deletions