[NETFILTER] conntrack_netlink: Fix endian issue with status from userspace

When we send "status" from userspace, we forget to convert the endianness. This patch adds the reqired conversion. Thanks to Pablo Neira for discovering this. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>

[NETFILTER] conntrack_netlink: Fix endian issue with status from userspace
When we send "status" from userspace, we forget to convert the endianness. This patch adds the reqired conversion. Thanks to Pablo Neira for discovering this. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
d000eaf7 · Harald Welte · David S. Miller · b3a91d03 · d000eaf7
Commit d000eaf7 authored Oct 10, 2005 by Harald Welte Committed by David S. Miller Oct 10, 2005
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

net/ipv4/netfilter/ip_conntrack_netlink.c net/ipv4/netfilter/ip_conntrack_netlink.c +2 -1

No files found.
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -833,7 +833,8 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
 static inline int
 ctnetlink_change_status(struct ip_conntrack *ct, struct nfattr *cda[])
 {
-	unsigned long d, status = *(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1]);
+	unsigned long d;
+	unsigned status = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1]));
 	d = ct->status ^ status;

 	if (d & (IPS_EXPECTED|IPS_CONFIRMED|IPS_DYING))