From: Patrick McHardy Date: Tue, 18 Dec 2007 06:37:03 +0000 (-0800) Subject: [NETFILTER]: ctnetlink: fix expectation timeout dumping X-Git-Tag: v2.6.25-rc1~1162^2~1014 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d978e5daec544ec72b28bf72a30dc9ac3da23a35;p=linux-2.6 [NETFILTER]: ctnetlink: fix expectation timeout dumping When the timer is late its timeout might be before the current time, in which case a very large value is dumped. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index dcd0c9a4bb..75012585ef 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -1356,7 +1356,10 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, const struct nf_conntrack_expect *exp) { struct nf_conn *master = exp->master; - __be32 timeout = htonl((exp->timeout.expires - jiffies) / HZ); + long timeout = (exp->timeout.expires - jiffies) / HZ; + + if (timeout < 0) + timeout = 0; if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0) goto nla_put_failure; @@ -1367,7 +1370,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, CTA_EXPECT_MASTER) < 0) goto nla_put_failure; - NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, timeout); + NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, htonl(timeout)); NLA_PUT_BE32(skb, CTA_EXPECT_ID, htonl((unsigned long)exp)); return 0;