From 37e3a543a9517543e10aa87a362f0dbe6f0370f2 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Fri, 20 Jul 2012 17:28:38 +0200 Subject: [PATCH] extensions: fix ipv6_find_hdr upstream change fallout Upstream commit v3.5-rc1~109^2~138^2~4 ("netfilter: ip6_tables: add flags parameter to ipv6_find_hdr()") changed the offset parameter of ipv6_find_hdr() to be an input-output value. Moreover, if it is non-zero, it MUST point to a valid IPv6 header embedded in the packet. --- doc/changelog.txt | 2 ++ extensions/xt_RAWNAT.c | 4 ++-- extensions/xt_SYSRQ.c | 2 +- extensions/xt_length2.c | 3 ++- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/doc/changelog.txt b/doc/changelog.txt index b4ec4b7..14db878 100644 --- a/doc/changelog.txt +++ b/doc/changelog.txt @@ -1,6 +1,8 @@ HEAD ==== +Fixes: +- length2, SYSRQ, RAWNAT: preinitialize values for ipv6_find_hdr v1.45 (2012-07-16) diff --git a/extensions/xt_RAWNAT.c b/extensions/xt_RAWNAT.c index a837276..c15b5e5 100644 --- a/extensions/xt_RAWNAT.c +++ b/extensions/xt_RAWNAT.c @@ -244,7 +244,7 @@ static unsigned int rawsnat_tg6(struct sk_buff **pskb, const struct xt_action_param *par) { const struct xt_rawnat_tginfo *info = par->targinfo; - unsigned int l4offset, l4proto; + unsigned int l4offset = 0, l4proto; struct ipv6hdr *iph; struct in6_addr new_addr; @@ -265,7 +265,7 @@ static unsigned int rawdnat_tg6(struct sk_buff **pskb, const struct xt_action_param *par) { const struct xt_rawnat_tginfo *info = par->targinfo; - unsigned int l4offset, l4proto; + unsigned int l4offset = 0, l4proto; struct ipv6hdr *iph; struct in6_addr new_addr; diff --git a/extensions/xt_SYSRQ.c b/extensions/xt_SYSRQ.c index 35502ef..9b59313 100644 --- a/extensions/xt_SYSRQ.c +++ b/extensions/xt_SYSRQ.c @@ -240,7 +240,7 @@ sysrq_tg6(struct sk_buff **pskb, const struct xt_action_param *par) const struct ipv6hdr *iph; const struct udphdr *udph; unsigned short frag_off; - unsigned int th_off; + unsigned int th_off = 0; uint16_t len; if (skb_linearize(skb) < 0) diff --git a/extensions/xt_length2.c b/extensions/xt_length2.c index 2755e2f..726a92e 100644 --- a/extensions/xt_length2.c +++ b/extensions/xt_length2.c @@ -203,7 +203,8 @@ length2_mt6(const struct sk_buff *skb, struct xt_action_param *par) const struct xt_length_mtinfo2 *info = par->matchinfo; const struct ipv6hdr *iph = ipv6_hdr(skb); unsigned int len = 0, l4proto; - unsigned int thoff = par->thoff; + /* par->thoff would only set if ip6tables -p was used; so just use 0 */ + unsigned int thoff = 0; bool hit = true; if (info->flags & XT_LENGTH_LAYER3) {