netfilter: xtables: clean up xt_mac match routine

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>

diff --git a/net/netfilter/xt_mac.c b/net/netfilter/xt_mac.c
index c2007116ce5bb66db44ae43590e8ba94330d03ea..2039d0741b37d012be9b065898483675f25aedb7 100644 (file)
--- a/net/netfilter/xt_mac.c
+++ b/net/netfilter/xt_mac.c
@@ -26,14 +26,16 @@ MODULE_ALIAS("ip6t_mac");
 
 static bool mac_mt(const struct sk_buff *skb, const struct xt_match_param *par)
 {
-    const struct xt_mac_info *info = par->matchinfo;
-
-    /* Is mac pointer valid? */
-    return skb_mac_header(skb) >= skb->head &&
-          skb_mac_header(skb) + ETH_HLEN <= skb->data
-          /* If so, compare... */
-          && ((!compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr))
-               ^ info->invert);
+       const struct xt_mac_info *info = par->matchinfo;
+       bool ret;
+
+       if (skb_mac_header(skb) < skb->head)
+               return false;
+       if (skb_mac_header(skb) + ETH_HLEN > skb->data)
+               return false;
+       ret  = compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr) == 0;
+       ret ^= info->invert;
+       return ret;
 }
 
 static struct xt_match mac_mt_reg __read_mostly = {