Mailing List Archive: iptables: Devel

[PATCH 6/6] netfilter: xt_u32: fix length checks in u32_match_it

Index | Next | Previous | View Threaded

apw at shadowen

Aug 16, 2007, 6:19 AM

Post #1 of 2 (680 views)
Permalink

[PATCH 6/6] netfilter: xt_u32: fix length checks in u32_match_it

It seems an extraneous trailing ';' has slipped into the skb length
checks in u32_match_it() triggering an unconditional missmatch.

Signed-off-by: Andy Whitcroft <apw [at] shadowen>
Cc: netfilter-devel [at] lists
---
net/netfilter/xt_u32.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/netfilter/xt_u32.c b/net/netfilter/xt_u32.c
index 74f9b14..bec4279 100644
--- a/net/netfilter/xt_u32.c
+++ b/net/netfilter/xt_u32.c
@@ -36,7 +36,7 @@ static bool u32_match_it(const struct xt_u32 *data,
at = 0;
pos = ct->location[0].number;

- if (skb->len < 4 || pos > skb->len - 4);
+ if (skb->len < 4 || pos > skb->len - 4)
return false;

ret = skb_copy_bits(skb, pos, &n, sizeof(n));

kaber at trash

Aug 16, 2007, 7:32 AM

Post #2 of 2 (590 views)
Permalink

Re: [PATCH 6/6] netfilter: xt_u32: fix length checks in u32_match_it [In reply to]

Andy Whitcroft wrote:
> It seems an extraneous trailing ';' has slipped into the skb length
> checks in u32_match_it() triggering an unconditional missmatch.

Thanks, this already fixed in net-2.6 and should hit Linus' tree soon.

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads