From: Patrick McHardy <kaber@trash.net>
To: "David S. Miller" <davem@davemloft.net>
Cc: Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>
Subject: [NETFILTER 3/*]: GRE conntrack: fix htons/htonl confusion
Date: Fri, 19 May 2006 03:21:45 +0200 [thread overview]
Message-ID: <446D1DA9.5000507@trash.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 689 bytes --]
Hi Dave,
following are three more fixes on top of the last two: the
byteorder fixes from Alexey Dobriyan and Solar Designer's
do_add_counters fix. Please also apply.
net/ipv4/netfilter/arp_tables.c | 2 +-
net/ipv4/netfilter/ip_nat_proto_gre.c | 12 ++++++------
net/ipv6/netfilter/ip6_tables.c | 2 +-
net/netfilter/nfnetlink_log.c | 4 ++--
4 files changed, 10 insertions(+), 10 deletions(-)
Alexey Dobriyan:
[NETFILTER]: GRE conntrack: fix htons/htonl confusion
Kirill Korotaev:
[NETFILTER]: Fix do_add_counters race, possible oops or info leak
(CVE-2006-0039)
Patrick McHardy:
[NETFILTER]: nfnetlink_log: fix byteorder confusion
[-- Attachment #2: 01.diff --]
[-- Type: text/plain, Size: 1858 bytes --]
[NETFILTER]: GRE conntrack: fix htons/htonl confusion
GRE keys are 16 bit.
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 326640604c2d35b4b93808fc478e337a9f94414c
tree ed970126dc0500310b6c7cc812ad1e438ce701c0
parent a54c9d30dbb06391ec4422aaf0e1dc2c8c53bd3e
author Alexey Dobriyan <adobriyan@gmail.com> Thu, 18 May 2006 16:35:47 +0200
committer Patrick McHardy <kaber@trash.net> Thu, 18 May 2006 16:35:47 +0200
net/ipv4/netfilter/ip_nat_proto_gre.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/net/ipv4/netfilter/ip_nat_proto_gre.c b/net/ipv4/netfilter/ip_nat_proto_gre.c
index 6c4899d..96ceaba 100644
--- a/net/ipv4/netfilter/ip_nat_proto_gre.c
+++ b/net/ipv4/netfilter/ip_nat_proto_gre.c
@@ -49,15 +49,15 @@ gre_in_range(const struct ip_conntrack_t
const union ip_conntrack_manip_proto *min,
const union ip_conntrack_manip_proto *max)
{
- u_int32_t key;
+ __be16 key;
if (maniptype == IP_NAT_MANIP_SRC)
key = tuple->src.u.gre.key;
else
key = tuple->dst.u.gre.key;
- return ntohl(key) >= ntohl(min->gre.key)
- && ntohl(key) <= ntohl(max->gre.key);
+ return ntohs(key) >= ntohs(min->gre.key)
+ && ntohs(key) <= ntohs(max->gre.key);
}
/* generate unique tuple ... */
@@ -81,14 +81,14 @@ gre_unique_tuple(struct ip_conntrack_tup
min = 1;
range_size = 0xffff;
} else {
- min = ntohl(range->min.gre.key);
- range_size = ntohl(range->max.gre.key) - min + 1;
+ min = ntohs(range->min.gre.key);
+ range_size = ntohs(range->max.gre.key) - min + 1;
}
DEBUGP("min = %u, range_size = %u\n", min, range_size);
for (i = 0; i < range_size; i++, key++) {
- *keyptr = htonl(min + key % range_size);
+ *keyptr = htons(min + key % range_size);
if (!ip_nat_used_tuple(tuple, conntrack))
return 1;
}
next reply other threads:[~2006-05-19 1:21 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-19 1:21 Patrick McHardy [this message]
2006-05-19 9:18 ` [NETFILTER 3/*]: GRE conntrack: fix htons/htonl confusion David S. Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=446D1DA9.5000507@trash.net \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.