Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

netfilter: nf_tables: nft_payload: fix transport header base

Browse source 
We cannot use skb->transport_header since it's unset, use
pkt->xt.thoff instead.

Now possible using information made available through the x_tables
compatibility layer.

Reported-by: Eric Leblond <eric@regit.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2013-10-11 10:00:22 +02:00
parent 0ca743a559
commit c54032e05b
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/netfilter/nf_tables_core.c
View file

@ -44,7 +44,7 @@ static bool nft_payload_fast_eval(const struct nft_expr *expr,
if (priv->base == NFT_PAYLOAD_NETWORK_HEADER) if (priv->base == NFT_PAYLOAD_NETWORK_HEADER)
ptr = skb_network_header(skb); ptr = skb_network_header(skb);
else else
ptr = skb_transport_header(skb); ptr = skb_network_header(skb) + pkt->xt.thoff;
ptr += priv->offset; ptr += priv->offset;

2
net/netfilter/nft_payload.c
View file

@ -36,7 +36,7 @@ static void nft_payload_eval(const struct nft_expr *expr,
offset = skb_network_offset(skb); offset = skb_network_offset(skb);
break; break;
case NFT_PAYLOAD_TRANSPORT_HEADER: case NFT_PAYLOAD_TRANSPORT_HEADER:
offset = skb_transport_offset(skb); offset = pkt->xt.thoff;
break; break;
default: default:
BUG(); BUG();