Code assumed host architecture to be Little Endian. Instead produce a
proper mask by pushing the set bits into most significant position and
apply htonl() on the result.
Fixes: 3f6a2e90936bb ("conntrack: add support for CIDR notation")
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
Changes since v1:
- Simplify bitshift operation as per Florian's suggestion.
---
src/conntrack.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/conntrack.c b/src/conntrack.c
index c980a13f33d2c..f65926b298ad3 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -2210,7 +2210,7 @@ nfct_build_netmask(uint32_t *dst, int b, int n)
dst[i] = 0xffffffff;
b -= 32;
} else if (b > 0) {
- dst[i] = (1 << b) - 1;
+ dst[i] = htonl(~0u << (32 - b));
b = 0;
} else {
dst[i] = 0;
--
2.22.0
