]> err.no Git - linux-2.6/commitdiff
[NETFILTER] conntrack_netlink: Fix endian issue with status from userspace
authorHarald Welte <laforge@netfilter.org>
Tue, 11 Oct 2005 03:52:51 +0000 (20:52 -0700)
committerDavid S. Miller <davem@davemloft.net>
Tue, 11 Oct 2005 03:52:51 +0000 (20:52 -0700)
When we send "status" from userspace, we forget to convert the endianness.
This patch adds the reqired conversion.  Thanks to Pablo Neira for
discovering this.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/netfilter/ip_conntrack_netlink.c

index b08a432efcf8e9d601005f5c31f666f815ccd2a0..eade2749915a92c2a296ccec22deaaa4177f77ca 100644 (file)
@@ -833,7 +833,8 @@ out:
 static inline int
 ctnetlink_change_status(struct ip_conntrack *ct, struct nfattr *cda[])
 {
-       unsigned long d, status = *(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1]);
+       unsigned long d;
+       unsigned status = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1]));
        d = ct->status ^ status;
 
        if (d & (IPS_EXPECTED|IPS_CONFIRMED|IPS_DYING))