kernel: update kernel 3.18 to version 3.18.23
[openwrt/staging/chunkeey.git] / target / linux / generic / patches-3.18 / 612-netfilter_match_reduce_memory_access.patch
1 --- a/net/ipv4/netfilter/ip_tables.c
2 +++ b/net/ipv4/netfilter/ip_tables.c
3 @@ -85,9 +85,11 @@ ip_packet_match(const struct iphdr *ip,
4 if (ipinfo->flags & IPT_F_NO_DEF_MATCH)
5 return true;
6
7 - if (FWINV((ip->saddr&ipinfo->smsk.s_addr) != ipinfo->src.s_addr,
8 + if (FWINV(ipinfo->smsk.s_addr &&
9 + (ip->saddr&ipinfo->smsk.s_addr) != ipinfo->src.s_addr,
10 IPT_INV_SRCIP) ||
11 - FWINV((ip->daddr&ipinfo->dmsk.s_addr) != ipinfo->dst.s_addr,
12 + FWINV(ipinfo->dmsk.s_addr &&
13 + (ip->daddr&ipinfo->dmsk.s_addr) != ipinfo->dst.s_addr,
14 IPT_INV_DSTIP)) {
15 dprintf("Source or dest mismatch.\n");
16