releases/2.6.19.1/ebtables-verify-that-ebt_entries-have-zero-distinguisher.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From stable-bounces@linux.kernel.org  Thu Nov 30 19:52:51 2006
 Date: Thu, 30 Nov 2006 19:47:56 -0800 (PST)
 Message-Id: <20061130.194756.57443738.davem@davemloft.net>
 To: stable@kernel.org
 From: David Miller <davem@davemloft.net>
 Cc: bunk@stusta.de
 Subject: EBTABLES: Verify that ebt_entries have zero ->distinguisher.

 From: Al Viro <viro@zeniv.linux.org.uk>

 We need that for iterator to work; existing check had been too weak.

 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Chris Wright <chrisw@sous-sol.org>
 ---
  net/bridge/netfilter/ebtables.c |   10 +++++-----
  1 file changed, 5 insertions(+), 5 deletions(-)

 --- linux-2.6.19.orig/net/bridge/netfilter/ebtables.c
 +++ linux-2.6.19/net/bridge/netfilter/ebtables.c
 @@ -417,7 +417,7 @@ ebt_check_entry_size_and_hooks(struct eb
  	/* beginning of a new chain
  	   if i == NF_BR_NUMHOOKS it must be a user defined chain */
  	if (i != NF_BR_NUMHOOKS || !(e->bitmask & EBT_ENTRY_OR_ENTRIES)) {
 -		if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) != 0) {
 +		if (e->bitmask != 0) {
  			/* we make userspace set this right,
  			   so there is no misunderstanding */
  			BUGPRINT("EBT_ENTRY_OR_ENTRIES shouldn't be set "
 @@ -500,7 +500,7 @@ ebt_get_udc_positions(struct ebt_entry *
  	int i;

  	/* we're only interested in chain starts */
 -	if (e->bitmask & EBT_ENTRY_OR_ENTRIES)
 +	if (e->bitmask)
  		return 0;
  	for (i = 0; i < NF_BR_NUMHOOKS; i++) {
  		if ((valid_hooks & (1 << i)) == 0)
 @@ -550,7 +550,7 @@ ebt_cleanup_entry(struct ebt_entry *e, u
  {
  	struct ebt_entry_target *t;

 -	if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0)
 +	if (e->bitmask == 0)
  		return 0;
  	/* we're done */
  	if (cnt && (*cnt)-- == 0)
 @@ -576,7 +576,7 @@ ebt_check_entry(struct ebt_entry *e, str
  	int ret;

  	/* don't mess with the struct ebt_entries */
 -	if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0)
 +	if (e->bitmask == 0)
  		return 0;

  	if (e->bitmask & ~EBT_F_MASK) {
 @@ -1309,7 +1309,7 @@ static inline int ebt_make_names(struct
  	char *hlp;
  	struct ebt_entry_target *t;

 -	if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0)
 +	if (e->bitmask == 0)
  		return 0;

  	hlp = ubase - base + (char *)e + e->target_offset;
	From stable-bounces@linux.kernel.org Thu Nov 30 19:52:51 2006
	Date: Thu, 30 Nov 2006 19:47:56 -0800 (PST)
	Message-Id: <20061130.194756.57443738.davem@davemloft.net>
	To: stable@kernel.org
	From: David Miller <davem@davemloft.net>
	Cc: bunk@stusta.de
	Subject: EBTABLES: Verify that ebt_entries have zero ->distinguisher.

	From: Al Viro <viro@zeniv.linux.org.uk>

	We need that for iterator to work; existing check had been too weak.

	Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
	Signed-off-by: David S. Miller <davem@davemloft.net>
	Signed-off-by: Chris Wright <chrisw@sous-sol.org>
	---
	net/bridge/netfilter/ebtables.c \| 10 +++++-----
	1 file changed, 5 insertions(+), 5 deletions(-)

	--- linux-2.6.19.orig/net/bridge/netfilter/ebtables.c
	+++ linux-2.6.19/net/bridge/netfilter/ebtables.c
	@@ -417,7 +417,7 @@ ebt_check_entry_size_and_hooks(struct eb
	/* beginning of a new chain
	if i == NF_BR_NUMHOOKS it must be a user defined chain */
	if (i != NF_BR_NUMHOOKS \|\| !(e->bitmask & EBT_ENTRY_OR_ENTRIES)) {
	- if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) != 0) {
	+ if (e->bitmask != 0) {
	/* we make userspace set this right,
	so there is no misunderstanding */
	BUGPRINT("EBT_ENTRY_OR_ENTRIES shouldn't be set "
	@@ -500,7 +500,7 @@ ebt_get_udc_positions(struct ebt_entry *
	int i;

	/* we're only interested in chain starts */
	- if (e->bitmask & EBT_ENTRY_OR_ENTRIES)
	+ if (e->bitmask)
	return 0;
	for (i = 0; i < NF_BR_NUMHOOKS; i++) {
	if ((valid_hooks & (1 << i)) == 0)
	@@ -550,7 +550,7 @@ ebt_cleanup_entry(struct ebt_entry *e, u
	{
	struct ebt_entry_target *t;

	- if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0)
	+ if (e->bitmask == 0)
	return 0;
	/* we're done */
	if (cnt && (*cnt)-- == 0)
	@@ -576,7 +576,7 @@ ebt_check_entry(struct ebt_entry *e, str
	int ret;

	/* don't mess with the struct ebt_entries */
	- if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0)
	+ if (e->bitmask == 0)
	return 0;

	if (e->bitmask & ~EBT_F_MASK) {
	@@ -1309,7 +1309,7 @@ static inline int ebt_make_names(struct
	char *hlp;
	struct ebt_entry_target *t;

	- if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0)
	+ if (e->bitmask == 0)
	return 0;

	hlp = ubase - base + (char *)e + e->target_offset;