summaryrefslogtreecommitdiffstats
path: root/kernel/linux/net/bridge/netfilter/ebt_mark.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/linux/net/bridge/netfilter/ebt_mark.c')
-rw-r--r--kernel/linux/net/bridge/netfilter/ebt_mark.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel/linux/net/bridge/netfilter/ebt_mark.c b/kernel/linux/net/bridge/netfilter/ebt_mark.c
index 1e4d98b..75edcf7 100644
--- a/kernel/linux/net/bridge/netfilter/ebt_mark.c
+++ b/kernel/linux/net/bridge/netfilter/ebt_mark.c
@@ -40,6 +40,10 @@ static int ebt_target_mark_check(const char *tablename, unsigned int hookmask,
{
struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data;
+ if ((hookmask & (1 << NF_BR_NUMHOOKS)) &&
+ infostuff->target == EBT_RETURN)
+ return -EINVAL;
+ hookmask &= ~(1 << NF_BR_NUMHOOKS);
if (datalen != sizeof(struct ebt_mark_t_info))
return -EINVAL;
if (infostuff->target < -NUM_STANDARD_TARGETS || infostuff->target >= 0)