[Bug 84] Unaligned access in ip_tables.c:ip_packet_match

bugzilla-daemon@netfilter.org bugzilla-daemon@netfilter.org
Fri, 26 Dec 2003 18:12:34 +0100


https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=84





------- Additional Comments From tv@debian.org  2003-12-26 18:12 -------
Just wanted to note that
http://lists.netfilter.org/pipermail/netfilter-devel/2003-September/012316.html
http://lists.netfilter.org/pipermail/netfilter-devel/2003-September/012305.html
talk about the same subject, that the same bug triggers an ugly crash on
m68k-nommu. This patch fixes all the symptoms I am seeing.

--- linux-2.4.orig/net/ipv4/netfilter/ip_tables.c	2003-12-26 12:13:58.000000000
+0200
+++ linux-2.4/net/ipv4/netfilter/ip_tables.c	2003-12-26 12:11:01.000000000 +0200
@@ -151,11 +151,11 @@ ip_packet_match(const struct iphdr *ip,
 	}
 
 	/* Look for ifname matches; this should unroll nicely. */
- 	for (i = 0, ret = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) {
- 		ret |= (((const unsigned long *)indev)[i]
- 			^ ((const unsigned long *)ipinfo->iniface)[i])
- 			& ((const unsigned long *)ipinfo->iniface_mask)[i];
- 	}
+	for (i = 0, ret = 0; i < IFNAMSIZ; i++) {
+		ret |= (indev[i]
+			^ ipinfo->iniface[i])
+			& ipinfo->iniface_mask[i];
+	}
 
 	if (FWINV(ret != 0, IPT_INV_VIA_IN)) {
 		dprintf("VIA in mismatch (%s vs %s).%s\n",
@@ -164,11 +172,11 @@ ip_packet_match(const struct iphdr *ip,
 		return 0;
 	}
 
- 	for (i = 0, ret = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) {
- 		ret |= (((const unsigned long *)outdev)[i]
- 			^ ((const unsigned long *)ipinfo->outiface)[i])
- 			& ((const unsigned long *)ipinfo->outiface_mask)[i];
- 	}
+	for (i = 0, ret = 0; i < IFNAMSIZ; i++) {
+		ret |= (outdev[i]
+			^ ipinfo->outiface[i])
+			& ipinfo->outiface_mask[i];
+	}
 
 	if (FWINV(ret != 0, IPT_INV_VIA_OUT)) {
 		dprintf("VIA out mismatch (%s vs %s).%s\n",



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.