[NETFILTER]: {ip,ip6,arp}_tables: fix exponential worst-case search for loops - linux

diff options

author	Al Viro <viro@zeniv.linux.org.uk>	2006-12-12 09:29:52 +0100
committer	David S. Miller <davem@sunset.davemloft.net>	2006-12-14 01:48:23 +0100
commit	e1b4b9f3986b80d5785d91dbd8d72cfaf9fd1117 (patch)
tree	96732395f387104b7af0641a5127352dc0d6124d /net/unix
parent	[NETFILTER]: ip_tables: ipt and ipt_compat checks unification (diff)
download	linux-e1b4b9f3986b80d5785d91dbd8d72cfaf9fd1117.tar.xz linux-e1b4b9f3986b80d5785d91dbd8d72cfaf9fd1117.zip

[NETFILTER]: {ip,ip6,arp}_tables: fix exponential worst-case search for loops

If we come to node we'd already marked as seen and it's not a part of path (i.e. we don't have a loop right there), we already know that it isn't a part of any loop, so we don't need to revisit it. That speeds the things up if some chain is refered to from several places and kills O(exp(table size)) worst-case behaviour (without sleeping, at that, so if you manage to self-LART that way, you are SOL for a long time)... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'net/unix')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: