[libnetfilter_conntrack PATCH] conntrack: increase the length of `l4proto_map`

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



With addition of MPTCP `IPPROTO_MAX` is greater than 256, so extend the
array to account for the new upper bound.

Signed-off-by: Jeremy Sowden <jeremy@xxxxxxxxxx>
---
 include/internal/object.h | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/internal/object.h b/include/internal/object.h
index 75ffdbe97229..b919f5784df3 100644
--- a/include/internal/object.h
+++ b/include/internal/object.h
@@ -6,6 +6,7 @@
 #ifndef _NFCT_OBJECT_H_
 #define _NFCT_OBJECT_H_
 
+#include <internal/bitops.h>
 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
 
 /*
@@ -223,12 +224,13 @@ struct nfct_filter {
 	enum nfct_filter_logic 	logic[NFCT_FILTER_MAX];
 
 	/*
-	 * This the layer 4 protocol map for filtering. Not more than 
-	 * 255 protocols (maximum is IPPROTO_MAX which is 256). Actually,
-	 * I doubt that anyone can reach such a limit.
+	 * This the layer 4 protocol map for filtering. Not more than 255
+	 * protocols.  Although IPPROTO_MAX is currently 263, there are many
+	 * fewer protocols defined in netinet/in.h, so no one should reach this
+	 * limit.
 	 */
 #define __FILTER_L4PROTO_MAX	255
-	uint32_t 		l4proto_map[IPPROTO_MAX/32];
+	uint32_t 		l4proto_map[DIV_ROUND_UP(IPPROTO_MAX, 32)];
 	uint32_t		l4proto_len;
 
 	struct {
-- 
2.35.1




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux