Skip to content

Commit

Permalink
netfilter: nft_masq: correct length for loading protocol registers
Browse files Browse the repository at this point in the history 
The values in the protocol registers are two bytes wide.  However, when
parsing the register loads, the code currently uses the larger 16-byte
size of a `union nf_inet_addr`.  Change it to use the (correct) size of
a `union nf_conntrack_man_proto` instead.

Fixes: 8a6bf5d ("netfilter: nft_masq: support port range")
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  • Loading branch information
Jeremy Sowden authored and Pablo Neira Ayuso committed Mar 8, 2023
1 parent 068d82e commit ec2c591
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/netfilter/nft_masq.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ static int nft_masq_init(const struct nft_ctx *ctx,
const struct nft_expr *expr,
const struct nlattr * const tb[])
{
u32 plen = sizeof_field(struct nf_nat_range, min_addr.all);
u32 plen = sizeof_field(struct nf_nat_range, min_proto.all);
struct nft_masq *priv = nft_expr_priv(expr);
int err;

Expand Down

0 comments on commit ec2c591

Please sign in to comment.