From d57e6c5c0e616268f72ff82a71f5e82f334d77a1 Mon Sep 17 00:00:00 2001
From: Hunter Gregory <42728408+huntergregory@users.noreply.github.com>
Date: Thu, 12 Sep 2024 15:24:22 -0700
Subject: [PATCH] [backport] fix: [NPM] [Linux] handle more than 15 leaked
 ipsets (#3007)

[backport] fix: [NPM] [Linux] handle more than 15 leaked ipsets (#2998)

Signed-off-by: Hunter Gregory <42728408+huntergregory@users.noreply.github.com>
---
 npm/pkg/dataplane/ipsets/ipsetmanager_linux.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/npm/pkg/dataplane/ipsets/ipsetmanager_linux.go b/npm/pkg/dataplane/ipsets/ipsetmanager_linux.go
index 3a29d14e37..d654e589f3 100644
--- a/npm/pkg/dataplane/ipsets/ipsetmanager_linux.go
+++ b/npm/pkg/dataplane/ipsets/ipsetmanager_linux.go
@@ -229,8 +229,15 @@ func (iMgr *IPSetManager) setsWithReferences() map[string]struct{} {
 	var setsWithReferences map[string]struct{}
 	if haveRefsStill {
 		setsWithReferences = readByteLinesToMap(setsWithReferencesBytes)
+		subset := make(map[string]struct{}, maxLinesToPrint)
+		for key := range setsWithReferences {
+			subset[key] = struct{}{}
+			if len(subset) >= maxLinesToPrint {
+				break
+			}
+		}
 		metrics.SendErrorLogAndMetric(util.IpsmID, "error: found leaked reference counts in kernel. ipsets (max %d): %+v. err: %v",
-			maxLinesToPrint, setsWithReferences, err)
+			maxLinesToPrint, subset, err)
 	}
 
 	return setsWithReferences
@@ -847,9 +854,6 @@ func readByteLinesToMap(output []byte) map[string]struct{} {
 		line, readIndex = parse.Line(readIndex, output)
 		hashedSetName := strings.Trim(string(line), "\n")
 		lines[hashedSetName] = struct{}{}
-		if len(lines) > maxLinesToPrint {
-			break
-		}
 	}
 	return lines
 }