Re: [patch 3/4] Make sure ip_vs_ftp ports are valid

Sun, 03 Sep 2006 19:11:59 -0700 

On Mon, Sep 04, 2006 at 09:44:02AM +0900, Horms wrote:
> On Mon, Sep 04, 2006 at 01:09:59AM +0200, Patrick McHardy wrote:
> > Horms wrote:
> > > I'm not entirely sure what happens in the case of a valid port,
> > > at best it'll be silently ignored. This patch ignores them a little
> > > more verbosely.
> > > 
> > > Signed-Off-By: Simon Horman <[EMAIL PROTECTED]>
> > > Index: linux-2.6/net/ipv4/ipvs/ip_vs_ftp.c
> > > ===================================================================
> > > --- linux-2.6.orig/net/ipv4/ipvs/ip_vs_ftp.c      2006-09-01 
> > > 19:06:42.000000000 +0900
> > > +++ linux-2.6/net/ipv4/ipvs/ip_vs_ftp.c   2006-09-01 19:08:19.000000000 
> > > +0900
> > > @@ -373,6 +373,12 @@
> > >   for (i=0; i<IP_VS_APP_MAX_PORTS; i++) {
> > >           if (!ports[i])
> > >                   continue;
> > > +         if (ports[i] < 0 || ports[i] > 0xffff) {
> > > +                 IP_VS_WARNING("ip_vs_ftp: Ignoring invalid "
> > > +                               "configuration port[%d] = %d\n",
> > > +                               i, ports[i]);
> > > +                 continue;
> > > +         }
> > 
> > How about just changing the module parameter type to ushort, similar to
> > what ip_conntrack_ftp does?
> 
> Sure. I wasn't sure if that was possible or not.
> But as it is, I will make it so.

Here is the revised patch.

-- 
Horms
  H: http://www.vergenet.net/~horms/
  W: http://www.valinux.co.jp/en/

[IPVS] Make sure ip_vs_ftp ports are valid

I'm not entirely sure what happens in the case of a valid port,
at best it'll be silently ignored. This patch ensures that
the port values are unsigned short values, and thus always valid.

Cc: Patrick McHardy <[EMAIL PROTECTED]>
Signed-Off-By: Simon Horman <[EMAIL PROTECTED]>

Index: linux-2.6/net/ipv4/ipvs/ip_vs_ftp.c
===================================================================
--- linux-2.6.orig/net/ipv4/ipvs/ip_vs_ftp.c    2006-09-04 10:47:09.000000000 
+0900
+++ linux-2.6/net/ipv4/ipvs/ip_vs_ftp.c 2006-09-04 10:59:30.000000000 +0900
@@ -44,8 +44,8 @@
  * List of ports (up to IP_VS_APP_MAX_PORTS) to be handled by helper
  * First port is set to the default port.
  */
-static int ports[IP_VS_APP_MAX_PORTS] = {21, 0};
-module_param_array(ports, int, NULL, 0);
+static unsigned short ports[IP_VS_APP_MAX_PORTS] = {21, 0};
+module_param_array(ports, ushort, NULL, 0);
 MODULE_PARM_DESC(ports, "Ports to monitor for FTP control commands");
 
 /*

-- 
VGER BF report: U 0.832414
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to