Commit 009e8c96 authored by Li Zefan's avatar Li Zefan Committed by David S. Miller

[NETFILTER]: xt_sctp: fix mistake to pass a pointer where array is required

Macros like SCTP_CHUNKMAP_XXX(chukmap) require chukmap to be an array,
but match_packet() passes a pointer to these macros. Also remove the
ELEMCOUNT macro and fix a bug in SCTP_CHUNKMAP_COPY.
Signed-off-by: default avatarLi Zefan <lizf@cn.fujitsu.com>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 1b83336b
...@@ -7,9 +7,6 @@ ...@@ -7,9 +7,6 @@
#define XT_SCTP_VALID_FLAGS 0x07 #define XT_SCTP_VALID_FLAGS 0x07
#define ELEMCOUNT(x) (sizeof(x)/sizeof(x[0]))
struct xt_sctp_flag_info { struct xt_sctp_flag_info {
u_int8_t chunktype; u_int8_t chunktype;
u_int8_t flag; u_int8_t flag;
...@@ -59,21 +56,21 @@ struct xt_sctp_info { ...@@ -59,21 +56,21 @@ struct xt_sctp_info {
#define SCTP_CHUNKMAP_RESET(chunkmap) \ #define SCTP_CHUNKMAP_RESET(chunkmap) \
do { \ do { \
int i; \ int i; \
for (i = 0; i < ELEMCOUNT(chunkmap); i++) \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \
chunkmap[i] = 0; \ chunkmap[i] = 0; \
} while (0) } while (0)
#define SCTP_CHUNKMAP_SET_ALL(chunkmap) \ #define SCTP_CHUNKMAP_SET_ALL(chunkmap) \
do { \ do { \
int i; \ int i; \
for (i = 0; i < ELEMCOUNT(chunkmap); i++) \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \
chunkmap[i] = ~0; \ chunkmap[i] = ~0; \
} while (0) } while (0)
#define SCTP_CHUNKMAP_COPY(destmap, srcmap) \ #define SCTP_CHUNKMAP_COPY(destmap, srcmap) \
do { \ do { \
int i; \ int i; \
for (i = 0; i < ELEMCOUNT(chunkmap); i++) \ for (i = 0; i < ARRAY_SIZE(srcmap); i++) \
destmap[i] = srcmap[i]; \ destmap[i] = srcmap[i]; \
} while (0) } while (0)
...@@ -81,7 +78,7 @@ struct xt_sctp_info { ...@@ -81,7 +78,7 @@ struct xt_sctp_info {
({ \ ({ \
int i; \ int i; \
int flag = 1; \ int flag = 1; \
for (i = 0; i < ELEMCOUNT(chunkmap); i++) { \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \
if (chunkmap[i]) { \ if (chunkmap[i]) { \
flag = 0; \ flag = 0; \
break; \ break; \
...@@ -94,7 +91,7 @@ struct xt_sctp_info { ...@@ -94,7 +91,7 @@ struct xt_sctp_info {
({ \ ({ \
int i; \ int i; \
int flag = 1; \ int flag = 1; \
for (i = 0; i < ELEMCOUNT(chunkmap); i++) { \ for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \
if (chunkmap[i] != ~0) { \ if (chunkmap[i] != ~0) { \
flag = 0; \ flag = 0; \
break; \ break; \
......
...@@ -42,21 +42,21 @@ match_flags(const struct xt_sctp_flag_info *flag_info, ...@@ -42,21 +42,21 @@ match_flags(const struct xt_sctp_flag_info *flag_info,
static inline bool static inline bool
match_packet(const struct sk_buff *skb, match_packet(const struct sk_buff *skb,
unsigned int offset, unsigned int offset,
const u_int32_t *chunkmap, const struct xt_sctp_info *info,
int chunk_match_type,
const struct xt_sctp_flag_info *flag_info,
const int flag_count,
bool *hotdrop) bool *hotdrop)
{ {
u_int32_t chunkmapcopy[256 / sizeof (u_int32_t)]; u_int32_t chunkmapcopy[256 / sizeof (u_int32_t)];
sctp_chunkhdr_t _sch, *sch; sctp_chunkhdr_t _sch, *sch;
int chunk_match_type = info->chunk_match_type;
const struct xt_sctp_flag_info *flag_info = info->flag_info;
int flag_count = info->flag_count;
#ifdef DEBUG_SCTP #ifdef DEBUG_SCTP
int i = 0; int i = 0;
#endif #endif
if (chunk_match_type == SCTP_CHUNK_MATCH_ALL) if (chunk_match_type == SCTP_CHUNK_MATCH_ALL)
SCTP_CHUNKMAP_COPY(chunkmapcopy, chunkmap); SCTP_CHUNKMAP_COPY(chunkmapcopy, info->chunkmap);
do { do {
sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch); sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch);
...@@ -73,7 +73,7 @@ match_packet(const struct sk_buff *skb, ...@@ -73,7 +73,7 @@ match_packet(const struct sk_buff *skb,
duprintf("skb->len: %d\toffset: %d\n", skb->len, offset); duprintf("skb->len: %d\toffset: %d\n", skb->len, offset);
if (SCTP_CHUNKMAP_IS_SET(chunkmap, sch->type)) { if (SCTP_CHUNKMAP_IS_SET(info->chunkmap, sch->type)) {
switch (chunk_match_type) { switch (chunk_match_type) {
case SCTP_CHUNK_MATCH_ANY: case SCTP_CHUNK_MATCH_ANY:
if (match_flags(flag_info, flag_count, if (match_flags(flag_info, flag_count,
...@@ -104,7 +104,7 @@ match_packet(const struct sk_buff *skb, ...@@ -104,7 +104,7 @@ match_packet(const struct sk_buff *skb,
switch (chunk_match_type) { switch (chunk_match_type) {
case SCTP_CHUNK_MATCH_ALL: case SCTP_CHUNK_MATCH_ALL:
return SCTP_CHUNKMAP_IS_CLEAR(chunkmap); return SCTP_CHUNKMAP_IS_CLEAR(info->chunkmap);
case SCTP_CHUNK_MATCH_ANY: case SCTP_CHUNK_MATCH_ANY:
return false; return false;
case SCTP_CHUNK_MATCH_ONLY: case SCTP_CHUNK_MATCH_ONLY:
...@@ -148,9 +148,7 @@ match(const struct sk_buff *skb, ...@@ -148,9 +148,7 @@ match(const struct sk_buff *skb,
&& ntohs(sh->dest) <= info->dpts[1], && ntohs(sh->dest) <= info->dpts[1],
XT_SCTP_DEST_PORTS, info->flags, info->invflags) XT_SCTP_DEST_PORTS, info->flags, info->invflags)
&& SCCHECK(match_packet(skb, protoff + sizeof (sctp_sctphdr_t), && SCCHECK(match_packet(skb, protoff + sizeof (sctp_sctphdr_t),
info->chunkmap, info->chunk_match_type, info, hotdrop),
info->flag_info, info->flag_count,
hotdrop),
XT_SCTP_CHUNK_TYPES, info->flags, info->invflags); XT_SCTP_CHUNK_TYPES, info->flags, info->invflags);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment