summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-05-24 16:40:51 -0700
committerDavid S. Miller <davem@davemloft.net>2007-05-24 16:40:51 -0700
commit5fe26f53fe9e2ba5dca2835a4ca69d0ba7b5f707 (patch)
tree2d506b9167f0fdf742f70427d292e9c16dcd630b
parent2e4b3b0e8734d1173c96c6f5d8a8dd6728950b56 (diff)
[NETFILTER]: nf_conntrack_ftp: fix newline sequence number update
When trying to locate the oldest entry in the history of newline character sequence numbers, the sequence number of the current entry is incorrectly compared with the index of the oldest sequence number instead of the number itself. Additionally it is not made sure that the current sequence number really is after the oldest known one. Based on report by YU, Haitao <yuhaitao@tsinghua.org.cn> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/netfilter/nf_conntrack_ftp.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c
index a186799f6542..4bb669c7780f 100644
--- a/net/netfilter/nf_conntrack_ftp.c
+++ b/net/netfilter/nf_conntrack_ftp.c
@@ -335,15 +335,17 @@ static void update_nl_seq(u32 nl_seq, struct nf_ct_ftp_master *info, int dir,
if (info->seq_aft_nl[dir][i] == nl_seq)
return;
- if (oldest == info->seq_aft_nl_num[dir]
- || before(info->seq_aft_nl[dir][i], oldest))
+ if (oldest == info->seq_aft_nl_num[dir] ||
+ before(info->seq_aft_nl[dir][i],
+ info->seq_aft_nl[dir][oldest]))
oldest = i;
}
if (info->seq_aft_nl_num[dir] < NUM_SEQ_TO_REMEMBER) {
info->seq_aft_nl[dir][info->seq_aft_nl_num[dir]++] = nl_seq;
nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb);
- } else if (oldest != NUM_SEQ_TO_REMEMBER) {
+ } else if (oldest != NUM_SEQ_TO_REMEMBER &&
+ after(nl_seq, info->seq_aft_nl[dir][oldest])) {
info->seq_aft_nl[dir][oldest] = nl_seq;
nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb);
}