xt_u32 20070626 (Re: VLAN match within iptables)

Tue Jun 26 15:19:20 CEST 2007

Jan Engelhardt wrote:
> Subject: Add the U32 match from POM-NG

I prefer incremental patches. Your patch looks good,
I'm wondering about the constant 3 though. A int is
four bytes long.

+               if (skb->len < 3 || pos > skb->len - 3);

assume skb->len == 3, pos = 0. Its obviously incorrent.

+                               if (at + 3 < at || skb->len < at + 3 ||
+                                   pos > skb->len - at - 3)

Same here, just assume the same as above and at == 0.

So I'm replacing all 3s by 4s.