[PATCH] netfilter: ECN target corrupts packets (2.6 only)
Rusty Russell
rusty at rustcorp.com.au
Sun Jan 2 12:17:40 CET 2005
Name: ipt_ECN corrupt checksum fix
Status: Tested under nfsim
Signed-off-by: Rusty Russell <rusty at rustcorp.com.au>
Nasty bug, caught while writing the ECN target test. Corrupts
checksums of packets when target is used on them.
Let this be a warning on the evils of casts.
Index: linux-2.6.10-bk1-Netfilter/net/ipv4/netfilter/ipt_ECN.c
===================================================================
--- linux-2.6.10-bk1-Netfilter.orig/net/ipv4/netfilter/ipt_ECN.c 2005-01-02 21:47:31.439866944 +1100
+++ linux-2.6.10-bk1-Netfilter/net/ipv4/netfilter/ipt_ECN.c 2005-01-02 21:56:47.396348712 +1100
@@ -67,7 +67,7 @@
if (einfo->operation & IPT_ECN_OP_SET_CWR)
th->cwr = einfo->proto.tcp.cwr;
- diffs[1] = ((u_int16_t *)&th)[6];
+ diffs[1] = ((u_int16_t *)th)[6];
/* Only mangle if it's changed. */
if (diffs[0] != diffs[1]) {
--
A bad analogy is like a leaky screwdriver -- Richard Braakman
More information about the netfilter-devel
mailing list