[PATCH-resend] fix bug in mac match (ipv6)
Kis-Szabo Andras
kisza@sch.bme.hu
Thu, 11 Oct 2001 17:56:54 +0200
Harald Welte ....................................... (2001. október 05.)
Hi!
IPv6: ip6tables MAC match fix (from Harald's one):
--- linux-2.4.9/net/ipv6/netfilter/ip6t_mac.c Tue Oct 2 18:50:56 2001
+++ linux-2.4.9-ipt_mac-fix/net/ipv6/netfilter/ip6t_mac.c Tue Oct 2 19:32:20 2001
@@ -20,7 +20,7 @@
/* Is mac pointer valid? */
return (skb->mac.raw >= skb->head
- && skb->mac.raw < skb->head + skb->len - ETH_HLEN
+ && (skb->mac.raw + ETH_HLEN) <= skb->data
/* If so, compare... */
&& ((memcmp(skb->mac.ethernet->h_source, info->srcaddr, ETH_ALEN)
== 0) ^ info->invert));
[... other parts snipped ...]
Th LK 2.4.11 and 2.4.12 is out with the bug (the IPv4 part of this bug
is fixed.)
regards,
kisza
--
Kis-Szabo Andras BUTE - Schonherz Dormitory
---------------------------/ Favourite tools: Zorp, NetFilter
kisza@sch.bme.hu /---Member of the BUTE-MIS-SEARCHlab--->>>>>.Info