diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2008-10-08 11:35:13 +0200 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2008-10-08 11:35:13 +0200 |
commit | 18219d3f7d6a5bc43825a41e0763158efbdb80d3 (patch) | |
tree | aca133d934ec93fc441d5a26937b2428d23573bd /net/bridge/netfilter/ebt_ip.c | |
parent | d2f26037a38ada4a5d40d1cf0b32bc5289f50312 (diff) | |
download | kernel_samsung_smdk4412-18219d3f7d6a5bc43825a41e0763158efbdb80d3.zip kernel_samsung_smdk4412-18219d3f7d6a5bc43825a41e0763158efbdb80d3.tar.gz kernel_samsung_smdk4412-18219d3f7d6a5bc43825a41e0763158efbdb80d3.tar.bz2 |
netfilter: ebtables: do centralized size checking
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/bridge/netfilter/ebt_ip.c')
-rw-r--r-- | net/bridge/netfilter/ebt_ip.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/net/bridge/netfilter/ebt_ip.c b/net/bridge/netfilter/ebt_ip.c index 65caa00..c1ae254 100644 --- a/net/bridge/netfilter/ebt_ip.c +++ b/net/bridge/netfilter/ebt_ip.c @@ -11,13 +11,13 @@ * Innominate Security Technologies AG <mhopf@innominate.com> * September, 2002 */ - -#include <linux/netfilter_bridge/ebtables.h> -#include <linux/netfilter_bridge/ebt_ip.h> #include <linux/ip.h> #include <net/ip.h> #include <linux/in.h> #include <linux/module.h> +#include <linux/netfilter/x_tables.h> +#include <linux/netfilter_bridge/ebtables.h> +#include <linux/netfilter_bridge/ebt_ip.h> struct tcpudphdr { __be16 src; @@ -83,8 +83,6 @@ static int ebt_ip_check(const char *tablename, unsigned int hookmask, { const struct ebt_ip_info *info = data; - if (datalen != EBT_ALIGN(sizeof(struct ebt_ip_info))) - return -EINVAL; if (e->ethproto != htons(ETH_P_IP) || e->invflags & EBT_IPROTO) return -EINVAL; @@ -111,6 +109,7 @@ static struct ebt_match filter_ip __read_mostly = { .name = EBT_IP_MATCH, .match = ebt_filter_ip, .check = ebt_ip_check, + .matchsize = XT_ALIGN(sizeof(struct ebt_ip_info)), .me = THIS_MODULE, }; |