diff options
| author | Phil Sutter <phil@nwl.cc> | 2019-09-02 18:39:51 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2019-09-04 12:15:40 +0200 |
| commit | f27901afb038b07532b4c31cb77bbc0bd8068253 (patch) | |
| tree | f8ab3b0c5e12b3fae43980c9b4a6d2060525ef8e /src | |
| parent | f196de88cdd9764ddc2e4de737a960972d82fe9d (diff) | |
conntrack: Fix CIDR to mask conversion on Big Endian
Code assumed host architecture to be Little Endian. Instead produce a
proper mask by pushing the set bits into most significant position and
apply htonl() on the result.
Fixes: 3f6a2e90936bb ("conntrack: add support for CIDR notation")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/conntrack.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/conntrack.c b/src/conntrack.c index c980a13..f65926b 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -2210,7 +2210,7 @@ nfct_build_netmask(uint32_t *dst, int b, int n) dst[i] = 0xffffffff; b -= 32; } else if (b > 0) { - dst[i] = (1 << b) - 1; + dst[i] = htonl(~0u << (32 - b)); b = 0; } else { dst[i] = 0; |