Skip to content

L
linux
Commit 1d1c397d authored by Jan Engelhardt's avatar Jan Engelhardt
Browse files
Options

netfilter: xtables: clean up xt_mac match routine 

Signed-off-by: default avatarJan Engelhardt <jengelh@medozas.de>
parent 7d5f7ed8
Hide whitespace changes
Inline Side-by-side
Showing with 10 additions and 8 deletions
net/netfilter/xt_mac.c
View file @ 1d1c397d
...@@ -26,14 +26,16 @@ MODULE_ALIAS("ip6t_mac"); ...@@ -26,14 +26,16 @@ MODULE_ALIAS("ip6t_mac");
static bool mac_mt(const struct sk_buff *skb, const struct xt_match_param *par) static bool mac_mt(const struct sk_buff *skb, const struct xt_match_param *par)
{ {
const struct xt_mac_info *info = par->matchinfo; const struct xt_mac_info *info = par->matchinfo;
bool ret;
/* Is mac pointer valid? */
return skb_mac_header(skb) >= skb->head && if (skb_mac_header(skb) < skb->head)
skb_mac_header(skb) + ETH_HLEN <= skb->data return false;
/* If so, compare... */ if (skb_mac_header(skb) + ETH_HLEN > skb->data)
&& ((!compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr)) return false;
^ info->invert); ret = compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr) == 0;
ret ^= info->invert;
return ret;
} }
static struct xt_match mac_mt_reg __read_mostly = { static struct xt_match mac_mt_reg __read_mostly = {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7