netfilter: xt_socket: Make tproto signed in socket_mt6_v1().
Otherwise error indications from ipv6_find_hdr() won't be noticed. This required making the protocol argument to extract_icmp6_fields() signed too. Reported-by: Geert Uytterhoeven <geert@linux-m68k.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
19449bfc10
commit
089282fb02
|
@ -195,7 +195,7 @@ socket_mt4_v1(const struct sk_buff *skb, struct xt_action_param *par)
|
|||
static int
|
||||
extract_icmp6_fields(const struct sk_buff *skb,
|
||||
unsigned int outside_hdrlen,
|
||||
u8 *protocol,
|
||||
int *protocol,
|
||||
struct in6_addr **raddr,
|
||||
struct in6_addr **laddr,
|
||||
__be16 *rport,
|
||||
|
@ -252,8 +252,7 @@ socket_mt6_v1(const struct sk_buff *skb, struct xt_action_param *par)
|
|||
struct sock *sk;
|
||||
struct in6_addr *daddr, *saddr;
|
||||
__be16 dport, sport;
|
||||
int thoff;
|
||||
u8 tproto;
|
||||
int thoff, tproto;
|
||||
const struct xt_socket_mtinfo1 *info = (struct xt_socket_mtinfo1 *) par->matchinfo;
|
||||
|
||||
tproto = ipv6_find_hdr(skb, &thoff, -1, NULL);
|
||||
|
@ -305,7 +304,7 @@ socket_mt6_v1(const struct sk_buff *skb, struct xt_action_param *par)
|
|||
sk = NULL;
|
||||
}
|
||||
|
||||
pr_debug("proto %hhu %pI6:%hu -> %pI6:%hu "
|
||||
pr_debug("proto %hhd %pI6:%hu -> %pI6:%hu "
|
||||
"(orig %pI6:%hu) sock %p\n",
|
||||
tproto, saddr, ntohs(sport),
|
||||
daddr, ntohs(dport),
|
||||
|
|
Loading…
Reference in New Issue