From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: Patrick McHardy <kaber@trash.net>, netfilter-devel@vger.kernel.org
Subject: [NETFILTER 02/05]: xt_conntrack: fix missing boolean clamping
Date: Wed, 27 Feb 2008 14:14:22 +0100 (MET) [thread overview]
Message-ID: <20080227131430.26831.77763.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20080227131427.26831.51195.sendpatchset@localhost.localdomain>
[NETFILTER]: xt_conntrack: fix missing boolean clamping
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit bcc67d744bd9df15cb4e2d590b30ddadebd5a867
tree 8888741a4eb78658db89b968d066837478238597
parent 2ffa8857857148a5b0c0823852d6cb2551a3ae5a
author Jan Engelhardt <jengelh@computergmbh.de> Wed, 27 Feb 2008 13:23:56 +0100
committer Patrick McHardy <kaber@trash.net> Wed, 27 Feb 2008 13:23:56 +0100
net/netfilter/xt_conntrack.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index 8533085..dd192ac 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -231,7 +231,7 @@ conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
if (test_bit(IPS_DST_NAT_BIT, &ct->status))
statebit |= XT_CONNTRACK_STATE_DNAT;
}
- if ((info->state_mask & statebit) ^
+ if (!!(info->state_mask & statebit) ^
!(info->invert_flags & XT_CONNTRACK_STATE))
return false;
}
next prev parent reply other threads:[~2008-02-27 13:14 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-27 13:14 [NETFILTER 00/05]: Netfilter fixes Patrick McHardy
2008-02-27 13:14 ` [NETFILTER 01/05]: nf_conntrack: fix smp_processor_id() in preemptible code warning Patrick McHardy
2008-02-27 20:09 ` David Miller
2008-02-27 13:14 ` Patrick McHardy [this message]
2008-02-27 20:10 ` [NETFILTER 02/05]: xt_conntrack: fix missing boolean clamping David Miller
2008-02-27 13:14 ` [NETFILTER 03/05]: xt_conntrack: fix IPv4 address comparison Patrick McHardy
2008-02-27 20:20 ` David Miller
2008-02-27 13:14 ` [NETFILTER 04/05]: nf_nat: always select same SNAT source for same host Patrick McHardy
2008-02-27 16:31 ` Patrick McHardy
2008-02-27 20:07 ` David Miller
2009-01-13 14:24 ` Bernhard Schmidt
2008-02-27 13:14 ` [NETFILTER 05/05]: Fix NF_QUEUE_NR() parenthesis Patrick McHardy
2008-02-27 20:21 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080227131430.26831.77763.sendpatchset@localhost.localdomain \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.