diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-03-04 15:51:59 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-03-04 15:51:59 +0100 |
commit | bee0b3c9d1f38f03b325e7c67a5a918a0837f900 (patch) | |
tree | 27e1f1ad11774b3588ab5a09dafd5c8251236ba7 /src | |
parent | fb61c68dd0ba2e6ce98516ddbbd3b10638f4bcea (diff) |
parse: fix access to u64 attributes in netlink messages
This patch fixes parsing of 64 bits attributes (that are unaligned)
in ctnetlink. It would be better to add nfnl_get_uX() functions
similar to those in include/net/netlink.h to libnfnetlink to avoid
this sort of errors.
Reported-by: Jan Engelhardt <jengelh@medozas.es>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/conntrack/parse.c | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c index 0e0cd58..60dabe4 100644 --- a/src/conntrack/parse.c +++ b/src/conntrack/parse.c @@ -276,9 +276,11 @@ static void __parse_protoinfo_dccp(const struct nfattr *attr, set_bit(ATTR_DCCP_ROLE, ct->set); } if (tb[CTA_PROTOINFO_DCCP_SEQ-1]) { - ct->protoinfo.dccp.handshake_seq = - __be64_to_cpu(*(u_int64_t *) - NFA_DATA(tb[CTA_PROTOINFO_DCCP_SEQ-1])); + u_int64_t tmp; + memcpy(&tmp, + NFA_DATA(tb[CTA_PROTOINFO_DCCP_SEQ-1]), + sizeof(tmp)); + ct->protoinfo.dccp.handshake_seq = __be64_to_cpu(tmp); set_bit(ATTR_DCCP_HANDSHAKE_SEQ, ct->set); } } @@ -314,10 +316,13 @@ static void __parse_counters(const struct nfattr *attr, = ntohl(*(u_int32_t *) NFA_DATA(tb[CTA_COUNTERS32_PACKETS-1])); - if (tb[CTA_COUNTERS_PACKETS-1]) - ct->counters[dir].packets - = __be64_to_cpu(*(u_int64_t *) - NFA_DATA(tb[CTA_COUNTERS_PACKETS-1])); + if (tb[CTA_COUNTERS_PACKETS-1]) { + u_int64_t tmp; + memcpy(&tmp, + NFA_DATA(tb[CTA_COUNTERS_PACKETS-1]), + sizeof(tmp)); + ct->counters[dir].packets = __be64_to_cpu(tmp); + } switch(dir) { case __DIR_ORIG: @@ -335,10 +340,13 @@ static void __parse_counters(const struct nfattr *attr, = ntohl(*(u_int32_t *) NFA_DATA(tb[CTA_COUNTERS32_BYTES-1])); - if (tb[CTA_COUNTERS_BYTES-1]) - ct->counters[dir].bytes - = __be64_to_cpu(*(u_int64_t *) - NFA_DATA(tb[CTA_COUNTERS_BYTES-1])); + if (tb[CTA_COUNTERS_BYTES-1]) { + u_int64_t tmp; + memcpy(&tmp, + NFA_DATA(tb[CTA_COUNTERS_BYTES-1]), + sizeof(tmp)); + ct->counters[dir].bytes = __be64_to_cpu(tmp); + } switch(dir) { case __DIR_ORIG: |