diff options
author | Harald Welte <laforge@netfilter.org> | 2005-10-10 20:52:51 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-10-10 20:52:51 -0700 |
commit | d000eaf7720cb12cd03cd3d55f71be44357d27a9 (patch) | |
tree | cbdb3e64a427adedf7f6ec4a75b338d1731bc9ee | |
parent | b3a91d037a2575040f9b6a483f60c407a3d80368 (diff) | |
download | op-kernel-dev-d000eaf7720cb12cd03cd3d55f71be44357d27a9.zip op-kernel-dev-d000eaf7720cb12cd03cd3d55f71be44357d27a9.tar.gz |
[NETFILTER] conntrack_netlink: Fix endian issue with status from userspace
When we send "status" from userspace, we forget to convert the endianness.
This patch adds the reqired conversion. Thanks to Pablo Neira for
discovering this.
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index b08a432..eade2749 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c @@ -833,7 +833,8 @@ out: static inline int ctnetlink_change_status(struct ip_conntrack *ct, struct nfattr *cda[]) { - unsigned long d, status = *(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1]); + unsigned long d; + unsigned status = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1])); d = ct->status ^ status; if (d & (IPS_EXPECTED|IPS_CONFIRMED|IPS_DYING)) |