[NETFILTER]: xt_sctp: fix mistake to pass a pointer where array is required Macros like SCTP_CHUNKMAP_XXX(chukmap) require chukmap to be an array, but match_packet() passes a pointer to these macros. Also remove the ELEMCOUNT macro and fix a bug in SCTP_CHUNKMAP_COPY. Signed-off-by: Li Zefan <lizf@xxxxxxxxxxxxxx> Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> --- commit 49091cc16abab0ee62d22b36371f720f5727537e tree fbd19a12cad171095c2a0fd9f87c174bbbad0b2f parent 9768fafed7a5588757d972b2f511cb17a874f496 author Li Zefan <lizf@xxxxxxxxxxxxxx> Thu, 18 Oct 2007 12:09:53 +0200 committer Patrick McHardy <kaber@xxxxxxxxx> Thu, 18 Oct 2007 12:09:53 +0200 include/linux/netfilter/xt_sctp.h | 13 +++++-------- net/netfilter/xt_sctp.c | 18 ++++++++---------- 2 files changed, 13 insertions(+), 18 deletions(-) diff --git a/include/linux/netfilter/xt_sctp.h b/include/linux/netfilter/xt_sctp.h index b157897..dd5a4fd 100644 --- a/include/linux/netfilter/xt_sctp.h +++ b/include/linux/netfilter/xt_sctp.h @@ -7,9 +7,6 @@ #define XT_SCTP_VALID_FLAGS 0x07 -#define ELEMCOUNT(x) (sizeof(x)/sizeof(x[0])) - - struct xt_sctp_flag_info { u_int8_t chunktype; u_int8_t flag; @@ -59,21 +56,21 @@ struct xt_sctp_info { #define SCTP_CHUNKMAP_RESET(chunkmap) \ do { \ int i; \ - for (i = 0; i < ELEMCOUNT(chunkmap); i++) \ + for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ chunkmap[i] = 0; \ } while (0) #define SCTP_CHUNKMAP_SET_ALL(chunkmap) \ do { \ int i; \ - for (i = 0; i < ELEMCOUNT(chunkmap); i++) \ + for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ chunkmap[i] = ~0; \ } while (0) #define SCTP_CHUNKMAP_COPY(destmap, srcmap) \ do { \ int i; \ - for (i = 0; i < ELEMCOUNT(chunkmap); i++) \ + for (i = 0; i < ARRAY_SIZE(srcmap); i++) \ destmap[i] = srcmap[i]; \ } while (0) @@ -81,7 +78,7 @@ struct xt_sctp_info { ({ \ int i; \ int flag = 1; \ - for (i = 0; i < ELEMCOUNT(chunkmap); i++) { \ + for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ if (chunkmap[i]) { \ flag = 0; \ break; \ @@ -94,7 +91,7 @@ struct xt_sctp_info { ({ \ int i; \ int flag = 1; \ - for (i = 0; i < ELEMCOUNT(chunkmap); i++) { \ + for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ if (chunkmap[i] != ~0) { \ flag = 0; \ break; \ diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c index f907770..3358273 100644 --- a/net/netfilter/xt_sctp.c +++ b/net/netfilter/xt_sctp.c @@ -42,21 +42,21 @@ match_flags(const struct xt_sctp_flag_info *flag_info, static inline bool match_packet(const struct sk_buff *skb, unsigned int offset, - const u_int32_t *chunkmap, - int chunk_match_type, - const struct xt_sctp_flag_info *flag_info, - const int flag_count, + const struct xt_sctp_info *info, bool *hotdrop) { u_int32_t chunkmapcopy[256 / sizeof (u_int32_t)]; sctp_chunkhdr_t _sch, *sch; + int chunk_match_type = info->chunk_match_type; + const struct xt_sctp_flag_info *flag_info = info->flag_info; + int flag_count = info->flag_count; #ifdef DEBUG_SCTP int i = 0; #endif if (chunk_match_type == SCTP_CHUNK_MATCH_ALL) - SCTP_CHUNKMAP_COPY(chunkmapcopy, chunkmap); + SCTP_CHUNKMAP_COPY(chunkmapcopy, info->chunkmap); do { sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch); @@ -73,7 +73,7 @@ match_packet(const struct sk_buff *skb, duprintf("skb->len: %d\toffset: %d\n", skb->len, offset); - if (SCTP_CHUNKMAP_IS_SET(chunkmap, sch->type)) { + if (SCTP_CHUNKMAP_IS_SET(info->chunkmap, sch->type)) { switch (chunk_match_type) { case SCTP_CHUNK_MATCH_ANY: if (match_flags(flag_info, flag_count, @@ -104,7 +104,7 @@ match_packet(const struct sk_buff *skb, switch (chunk_match_type) { case SCTP_CHUNK_MATCH_ALL: - return SCTP_CHUNKMAP_IS_CLEAR(chunkmap); + return SCTP_CHUNKMAP_IS_CLEAR(info->chunkmap); case SCTP_CHUNK_MATCH_ANY: return false; case SCTP_CHUNK_MATCH_ONLY: @@ -148,9 +148,7 @@ match(const struct sk_buff *skb, && ntohs(sh->dest) <= info->dpts[1], XT_SCTP_DEST_PORTS, info->flags, info->invflags) && SCCHECK(match_packet(skb, protoff + sizeof (sctp_sctphdr_t), - info->chunkmap, info->chunk_match_type, - info->flag_info, info->flag_count, - hotdrop), + info, hotdrop), XT_SCTP_CHUNK_TYPES, info->flags, info->invflags); } - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html