* [NETFILTER 3/*]: GRE conntrack: fix htons/htonl confusion
@ 2006-05-19 1:21 Patrick McHardy
2006-05-19 9:18 ` David S. Miller
0 siblings, 1 reply; 2+ messages in thread
From: Patrick McHardy @ 2006-05-19 1:21 UTC (permalink / raw)
To: David S. Miller; +Cc: Netfilter Development Mailinglist
[-- Attachment #1: Type: text/plain, Size: 689 bytes --]
Hi Dave,
following are three more fixes on top of the last two: the
byteorder fixes from Alexey Dobriyan and Solar Designer's
do_add_counters fix. Please also apply.
net/ipv4/netfilter/arp_tables.c | 2 +-
net/ipv4/netfilter/ip_nat_proto_gre.c | 12 ++++++------
net/ipv6/netfilter/ip6_tables.c | 2 +-
net/netfilter/nfnetlink_log.c | 4 ++--
4 files changed, 10 insertions(+), 10 deletions(-)
Alexey Dobriyan:
[NETFILTER]: GRE conntrack: fix htons/htonl confusion
Kirill Korotaev:
[NETFILTER]: Fix do_add_counters race, possible oops or info leak
(CVE-2006-0039)
Patrick McHardy:
[NETFILTER]: nfnetlink_log: fix byteorder confusion
[-- Attachment #2: 01.diff --]
[-- Type: text/plain, Size: 1858 bytes --]
[NETFILTER]: GRE conntrack: fix htons/htonl confusion
GRE keys are 16 bit.
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 326640604c2d35b4b93808fc478e337a9f94414c
tree ed970126dc0500310b6c7cc812ad1e438ce701c0
parent a54c9d30dbb06391ec4422aaf0e1dc2c8c53bd3e
author Alexey Dobriyan <adobriyan@gmail.com> Thu, 18 May 2006 16:35:47 +0200
committer Patrick McHardy <kaber@trash.net> Thu, 18 May 2006 16:35:47 +0200
net/ipv4/netfilter/ip_nat_proto_gre.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/net/ipv4/netfilter/ip_nat_proto_gre.c b/net/ipv4/netfilter/ip_nat_proto_gre.c
index 6c4899d..96ceaba 100644
--- a/net/ipv4/netfilter/ip_nat_proto_gre.c
+++ b/net/ipv4/netfilter/ip_nat_proto_gre.c
@@ -49,15 +49,15 @@ gre_in_range(const struct ip_conntrack_t
const union ip_conntrack_manip_proto *min,
const union ip_conntrack_manip_proto *max)
{
- u_int32_t key;
+ __be16 key;
if (maniptype == IP_NAT_MANIP_SRC)
key = tuple->src.u.gre.key;
else
key = tuple->dst.u.gre.key;
- return ntohl(key) >= ntohl(min->gre.key)
- && ntohl(key) <= ntohl(max->gre.key);
+ return ntohs(key) >= ntohs(min->gre.key)
+ && ntohs(key) <= ntohs(max->gre.key);
}
/* generate unique tuple ... */
@@ -81,14 +81,14 @@ gre_unique_tuple(struct ip_conntrack_tup
min = 1;
range_size = 0xffff;
} else {
- min = ntohl(range->min.gre.key);
- range_size = ntohl(range->max.gre.key) - min + 1;
+ min = ntohs(range->min.gre.key);
+ range_size = ntohs(range->max.gre.key) - min + 1;
}
DEBUGP("min = %u, range_size = %u\n", min, range_size);
for (i = 0; i < range_size; i++, key++) {
- *keyptr = htonl(min + key % range_size);
+ *keyptr = htons(min + key % range_size);
if (!ip_nat_used_tuple(tuple, conntrack))
return 1;
}
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-05-19 9:18 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-05-19 1:21 [NETFILTER 3/*]: GRE conntrack: fix htons/htonl confusion Patrick McHardy
2006-05-19 9:18 ` David S. Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.