diff options
| author |   Li RongQing <lirongqing@baidu.com> | 2019-02-22 21:45:52 +0800 |
|---|---|---|
| committer |   Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-01 14:28:43 +0100 |
| commit | 11d4dd0b20041289e60f0642d458b96389b3125d (patch) | |
| tree | bf229db7341740b188f9023a777ae21c00ef0e6d /net/netfilter/x_tables.c | |
| parent | netfilter: nft_tunnel: Add dst_cache support (diff) | |
| download | linux-dev-11d4dd0b20041289e60f0642d458b96389b3125d.tar.xz linux-dev-11d4dd0b20041289e60f0642d458b96389b3125d.zip | |
netfilter: convert the proto argument from u8 to u16
The proto in struct xt_match and struct xt_target is u16, when
calling xt_check_target/match, their proto argument is u8,
and will cause truncation, it is harmless to ip packet, since
ip proto is u8
if a etable's match/target has proto that is u16, will cause
the check failure.
and convert be16 to short in bridge/netfilter/ebtables.c
Signed-off-by: Zhang Yu <zhangyu31@baidu.com>
Signed-off-by: Li RongQing <lirongqing@baidu.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to '')
| -rw-r--r-- | net/netfilter/x_tables.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 13e1ac333fa4..e5e5c64df8d1 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -461,7 +461,7 @@ int xt_check_proc_name(const char *name, unsigned int size) EXPORT_SYMBOL(xt_check_proc_name); int xt_check_match(struct xt_mtchk_param *par, - unsigned int size, u_int8_t proto, bool inv_proto) + unsigned int size, u16 proto, bool inv_proto) { int ret; @@ -984,7 +984,7 @@ bool xt_find_jump_offset(const unsigned int *offsets, EXPORT_SYMBOL(xt_find_jump_offset); int xt_check_target(struct xt_tgchk_param *par, - unsigned int size, u_int8_t proto, bool inv_proto) + unsigned int size, u16 proto, bool inv_proto) { int ret; |