git.openpandora.org
/
pandora-kernel.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
netfilter: nat: cope with negative port range
[pandora-kernel.git]
/
net
/
ipv4
/
netfilter
/
nf_nat_proto_common.c
diff --git
a/net/ipv4/netfilter/nf_nat_proto_common.c
b/net/ipv4/netfilter/nf_nat_proto_common.c
index
a3d9976
..
ccb69ce
100644
(file)
--- a/
net/ipv4/netfilter/nf_nat_proto_common.c
+++ b/
net/ipv4/netfilter/nf_nat_proto_common.c
@@
-42,7
+42,7
@@
void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
const struct nf_conn *ct,
u_int16_t *rover)
{
const struct nf_conn *ct,
u_int16_t *rover)
{
- unsigned int range_size, min, i;
+ unsigned int range_size, min,
max,
i;
__be16 *portptr;
u_int16_t off;
__be16 *portptr;
u_int16_t off;
@@
-72,7
+72,10
@@
void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
}
} else {
min = ntohs(range->min.all);
}
} else {
min = ntohs(range->min.all);
- range_size = ntohs(range->max.all) - min + 1;
+ max = ntohs(range->max.all);
+ if (unlikely(max < min))
+ swap(max, min);
+ range_size = max - min + 1;
}
if (range->flags & IP_NAT_RANGE_PROTO_RANDOM)
}
if (range->flags & IP_NAT_RANGE_PROTO_RANDOM)