
netfilter: convert the proto argument from u8 to u16

The proto in struct xt_match and struct xt_target is u16, when
calling xt_check_target/match, their proto argument is u8,
and will cause truncation, it is harmless to ip packet, since
ip proto is u8

If an ebtables match/target has a proto that is u16, the check
will fail.

and convert be16 to short in bridge/netfilter/ebtables.c

Signed-off-by: Zhang Yu <zhangyu31@baidu.com>
Signed-off-by: Li RongQing <lirongqing@baidu.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Li RongQing and committed by
Pablo Neira Ayuso
11d4dd0b 3e511d56

+7 -7
+2 -2
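--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -289,9 +289,9 @@
 
 int xt_check_proc_name(const char *name, unsigned int size);
 
-int xt_check_match(struct xt_mtchk_param *, unsigned int size, u_int8_t proto,
+int xt_check_match(struct xt_mtchk_param *, unsigned int size, u16 proto,
 bool inv_proto);
-int xt_check_target(struct xt_tgchk_param *, unsigned int size, u_int8_t proto,
+int xt_check_target(struct xt_tgchk_param *, unsigned int size, u16 proto,
 bool inv_proto);
 
 int xt_match_to_user(const struct xt_entry_match *m,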
+3 -3
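--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -381,7 +381,7 @@
 par->match = match;
 par->matchinfo = m->data;
 ret = xt_check_match(par, m->match_size,
-e->ethproto, e->invflags & EBT_IPROTO);
+ntohs(e->ethproto), e->invflags & EBT_IPROTO);
 if (ret < 0) {
 module_put(match->me);
 return ret;
@@ -418,7 +418,7 @@
 par->target = watcher;
 par->targinfo = w->data;
 ret = xt_check_target(par, w->watcher_size,
-e->ethproto, e->invflags & EBT_IPROTO);
+ntohs(e->ethproto), e->invflags & EBT_IPROTO);
 if (ret < 0) {
 module_put(watcher->me);
 return ret;
@@ -744,7 +744,7 @@
 tgpar.target = target;
 tgpar.targinfo = t->data;
 ret = xt_check_target(&tgpar, t->target_size,
-e->ethproto, e->invflags & EBT_IPROTO);
+ntohs(e->ethproto), e->invflags & EBT_IPROTO);
 if (ret < 0) {
 module_put(target->me);
 goto cleanup_watchers;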
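Review bot: The byte-order contract behind `ntohs(e->ethproto)` is not documented at any of the three call sites (new lines 384, 421 and 747). If xt_check_match() and xt_check_target() compare this argument with the extension's registered `.proto`, as the commit message implies, then bridge matches, watchers and targets have to declare `.proto` as a host-order ethertype such as `ETH_P_IP`; one declared with `htons()` would presumably fail the check when a rule is loaded. I would add a comment above the first call, `/* ethproto is __be16; xt_check_*() compare it with ->proto in host order */`, and state the same expectation wherever the bridge extensions set `.proto`. The enclosing functions start and end outside these hunks, so whether `e->ethproto` is meaningful for every entry that reaches these calls cannot be confirmed from here.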
+2 -2
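--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -461,7 +461,7 @@
 EXPORT_SYMBOL(xt_check_proc_name);
 
 int xt_check_match(struct xt_mtchk_param *par,
-unsigned int size, u_int8_t proto, bool inv_proto)
+unsigned int size, u16 proto, bool inv_proto)
 {
 int ret;
 
@@ -984,7 +984,7 @@
 EXPORT_SYMBOL(xt_find_jump_offset);
 
 int xt_check_target(struct xt_tgchk_param *par,
-unsigned int size, u_int8_t proto, bool inv_proto)
+unsigned int size, u16 proto, bool inv_proto)
 {
 int ret;
 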