diff options
author | Florian Westphal <fw@strlen.de> | 2019-02-22 13:26:05 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2019-02-22 16:50:14 +0100 |
commit | d68672a641439b72bccfcb39d50f26fe3f915c19 (patch) | |
tree | 128af8af28fd18116bd6283483e85352339b609f /iptables/nft-arp.c | |
parent | 73a0c2ef36d15e8277f0e00337736668b325381a (diff) |
arptables-nft: fix decoding of hlen on bigendian platforms
The existing test fail with:
extensions/libarpt_standard.t: ERROR: line 2 (cannot find: arptables -I INPUT -s 192.168.0.1)
... because hlen is 0 instead of expected "6".
The rule is correct, i.e. this is a decode/display bug: arp_hlen is
specified as 'unsigned short' instead of uint8_t.
On LSB systems, this doesn't matter but on MSB the value then is '0x600'
instead of '0x006' which becomes 0 when assignment to the u8 header field.
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft-arp.c')
-rw-r--r-- | iptables/nft-arp.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index a3715579..9805bbe0 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -338,7 +338,8 @@ static void nft_arp_parse_payload(struct nft_xt_ctx *ctx, struct iptables_command_state *cs = data; struct arpt_entry *fw = &cs->arp; struct in_addr addr; - unsigned short int ar_hrd, ar_pro, ar_op, ar_hln; + uint16_t ar_hrd, ar_pro, ar_op; + uint8_t ar_hln; bool inv; switch (ctx->payload.offset) { @@ -364,7 +365,7 @@ static void nft_arp_parse_payload(struct nft_xt_ctx *ctx, fw->arp.invflags |= ARPT_INV_ARPOP; break; case offsetof(struct arphdr, ar_hln): - get_cmp_data(e, &ar_hln, sizeof(ar_op), &inv); + get_cmp_data(e, &ar_hln, sizeof(ar_hln), &inv); fw->arp.arhln = ar_hln; fw->arp.arhln_mask = 0xff; if (inv) |