From a0b7cc0d20429ca1b62f551a4bd528ef7a0ea09b Mon Sep 17 00:00:00 2001
From: Duncan Roe <duncan_roe@optusnet.com.au>
Date: Fri, 27 Sep 2019 22:56:45 +1000
Subject: src: Update UDP header length field after mangling

One would expect nfq_udp_mangle_ipv4() to take care of the length field
in the UDP header but it did not.  With this patch, it does. This patch
is very unlikely to adversely affect any existing userspace software
(that did its own length adjustment), because UDP checksumming was
broken.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/extra/udp.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/extra')

diff --git a/src/extra/udp.c b/src/extra/udp.c
index c48a179..f89d314 100644
--- a/src/extra/udp.c
+++ b/src/extra/udp.c
@@ -140,6 +140,8 @@ nfq_udp_mangle_ipv4(struct pkt_buff *pkt,
 	iph = (struct iphdr *)pkt->network_header;
 	udph = (struct udphdr *)(pkt->network_header + iph->ihl*4);
 
+	udph->len = htons(ntohs(udph->len) + rep_len - match_len);
+
 	if (!nfq_ip_mangle(pkt, iph->ihl*4 + sizeof(struct udphdr),
 				match_offset, match_len, rep_buffer, rep_len))
 		return 0;
-- 
cgit v1.2.3