netfilter: nat: cope with negative port range

[pandora-kernel.git] / net / ipv4 / netfilter / nf_nat_proto_common.c

diff --git a/net/ipv4/netfilter/nf_nat_proto_common.c b/net/ipv4/netfilter/nf_nat_proto_common.c
index a3d9976..ccb69ce 100644 (file)
--- a/net/ipv4/netfilter/nf_nat_proto_common.c
+++ b/net/ipv4/netfilter/nf_nat_proto_common.c
@@ -42,7 +42,7 @@ void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
                               const struct nf_conn *ct,
                               u_int16_t *rover)
 {
-       unsigned int range_size, min, i;
+       unsigned int range_size, min, max, i;
        __be16 *portptr;
        u_int16_t off;
 
@@ -72,7 +72,10 @@ void nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
                }
        } else {
                min = ntohs(range->min.all);
-               range_size = ntohs(range->max.all) - min + 1;
+               max = ntohs(range->max.all);
+               if (unlikely(max < min))
+                       swap(max, min);
+               range_size = max - min + 1;
        }
 
        if (range->flags & IP_NAT_RANGE_PROTO_RANDOM)