Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d978e5da authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller
Browse files

[NETFILTER]: ctnetlink: fix expectation timeout dumping 



When the timer is late its timeout might be before the current time,
in which case a very large value is dumped.

Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 77236b6e

net/netfilter/nf_conntrack_netlink.c

+5 −2
Original line number Diff line number Diff line
@@ -1356,7 +1356,10 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, 
			  const struct nf_conntrack_expect *exp)

{

	struct nf_conn *master = exp->master;

	__be32 timeout = htonl((exp->timeout.expires - jiffies) / HZ);

	long timeout = (exp->timeout.expires - jiffies) / HZ;



	if (timeout < 0)

		timeout = 0;



	if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0)

		goto nla_put_failure;
@@ -1367,7 +1370,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb, 
				 CTA_EXPECT_MASTER) < 0)

		goto nla_put_failure;



	NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, timeout);

	NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, htonl(timeout));

	NLA_PUT_BE32(skb, CTA_EXPECT_ID, htonl((unsigned long)exp));



	return 0;