netfilter: nf_tables: nft_payload: fix transport header base

We cannot use skb->transport_header since it's unset, use
pkt->xt.thoff instead.

Now possible using information made available through the x_tables
compatibility layer.

Reported-by: Eric Leblond <eric@regit.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c
index e51a45c..3c13007 100644 (file)
--- a/net/netfilter/nf_tables_core.c
+++ b/net/netfilter/nf_tables_core.c
@@ -44,7 +44,7 @@ static bool nft_payload_fast_eval(const struct nft_expr *expr,
        if (priv->base == NFT_PAYLOAD_NETWORK_HEADER)
                ptr = skb_network_header(skb);
        else
-               ptr = skb_transport_header(skb);
+               ptr = skb_network_header(skb) + pkt->xt.thoff;
 
        ptr += priv->offset;
 

diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c
index bc8bdb2..a2aeb31 100644 (file)
--- a/net/netfilter/nft_payload.c
+++ b/net/netfilter/nft_payload.c
@@ -36,7 +36,7 @@ static void nft_payload_eval(const struct nft_expr *expr,
                offset = skb_network_offset(skb);
                break;
        case NFT_PAYLOAD_TRANSPORT_HEADER:
-               offset = skb_transport_offset(skb);
+               offset = pkt->xt.thoff;
                break;
        default:
                BUG();