Commit d978e5da authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: ctnetlink: fix expectation timeout dumping

When the timer is late its timeout might be before the current time,
in which case a very large value is dumped.
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 77236b6e
...@@ -1356,7 +1356,10 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, ...@@ -1356,7 +1356,10 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb,
const struct nf_conntrack_expect *exp) const struct nf_conntrack_expect *exp)
{ {
struct nf_conn *master = exp->master; struct nf_conn *master = exp->master;
__be32 timeout = htonl((exp->timeout.expires - jiffies) / HZ); long timeout = (exp->timeout.expires - jiffies) / HZ;
if (timeout < 0)
timeout = 0;
if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0) if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0)
goto nla_put_failure; goto nla_put_failure;
...@@ -1367,7 +1370,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, ...@@ -1367,7 +1370,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb,
CTA_EXPECT_MASTER) < 0) CTA_EXPECT_MASTER) < 0)
goto nla_put_failure; goto nla_put_failure;
NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, timeout); NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, htonl(timeout));
NLA_PUT_BE32(skb, CTA_EXPECT_ID, htonl((unsigned long)exp)); NLA_PUT_BE32(skb, CTA_EXPECT_ID, htonl((unsigned long)exp));
return 0; return 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment