rpms / conntrack-tools

Clone
Source Code
GIT

Blame SOURCES/0005-conntrack-Fix-CIDR-to-mask-conversion-on-Big-Endian.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c7
  2.   SOURCES
  3.   0005-conntrack-Fix-CIDR-to-mask-conversion-on-Big-Endian.patch
Blob History Raw
5a989b 
From a34911f038f5591fdf115909eff494adde1606ce Mon Sep 17 00:00:00 2001
5a989b 
From: Phil Sutter <phil@nwl.cc>
5a989b 
Date: Mon, 2 Sep 2019 18:39:51 +0200
5a989b 
Subject: [PATCH] conntrack: Fix CIDR to mask conversion on Big Endian
5a989b
5a989b 
Code assumed host architecture to be Little Endian. Instead produce a
5a989b 
proper mask by pushing the set bits into most significant position and
5a989b 
apply htonl() on the result.
5a989b
5a989b 
Fixes: 3f6a2e90936bb ("conntrack: add support for CIDR notation")
5a989b 
Signed-off-by: Phil Sutter <phil@nwl.cc>
5a989b 
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
5a989b 
(cherry picked from commit f27901afb038b07532b4c31cb77bbc0bd8068253)
5a989b 
---
5a989b 
 src/conntrack.c | 2 +-
5a989b 
 1 file changed, 1 insertion(+), 1 deletion(-)
5a989b
5a989b 
diff --git a/src/conntrack.c b/src/conntrack.c
5a989b 
index cbf03c7be8834..725e85d329c98 100644
5a989b 
--- a/src/conntrack.c
5a989b 
+++ b/src/conntrack.c
5a989b 
@@ -2175,7 +2175,7 @@ nfct_build_netmask(uint32_t *dst, int b, int n)
5a989b 
 			dst[i] = 0xffffffff;
5a989b 
 			b -= 32;
5a989b 
 		} else if (b > 0) {
5a989b 
-			dst[i] = (1 << b) - 1;
5a989b 
+			dst[i] = htonl(~0u << (32 - b));
5a989b 
 			b = 0;
5a989b 
 		} else {
5a989b 
 			dst[i] = 0;
5a989b 
--
5a989b 
2.22.0
5a989b

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation