[NETFILTER]: nf_conntrack_ftp: fix newline sequence number update
authorPatrick McHardy <kaber@trash.net>
Thu, 24 May 2007 23:40:51 +0000 (16:40 -0700)
committerDavid S. Miller <davem@davemloft.net>
Thu, 24 May 2007 23:40:51 +0000 (16:40 -0700)
When trying to locate the oldest entry in the history of newline character
sequence numbers, the sequence number of the current entry is incorrectly
compared with the index of the oldest sequence number instead of the number
itself.

Additionally it is not made sure that the current sequence number really
is after the oldest known one.

Based on report by YU, Haitao <yuhaitao@tsinghua.org.cn>

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/nf_conntrack_ftp.c

index a186799f654212ef218a7560f5991f99ee407832..4bb669c7780f1e46b9284ffbab7ad5fec6f1f189 100644 (file)
@@ -335,15 +335,17 @@ static void update_nl_seq(u32 nl_seq, struct nf_ct_ftp_master *info, int dir,
                if (info->seq_aft_nl[dir][i] == nl_seq)
                        return;
 
-               if (oldest == info->seq_aft_nl_num[dir]
-                   || before(info->seq_aft_nl[dir][i], oldest))
+               if (oldest == info->seq_aft_nl_num[dir] ||
+                   before(info->seq_aft_nl[dir][i],
+                          info->seq_aft_nl[dir][oldest]))
                        oldest = i;
        }
 
        if (info->seq_aft_nl_num[dir] < NUM_SEQ_TO_REMEMBER) {
                info->seq_aft_nl[dir][info->seq_aft_nl_num[dir]++] = nl_seq;
                nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb);
-       } else if (oldest != NUM_SEQ_TO_REMEMBER) {
+       } else if (oldest != NUM_SEQ_TO_REMEMBER &&
+                  after(nl_seq, info->seq_aft_nl[dir][oldest])) {
                info->seq_aft_nl[dir][oldest] = nl_seq;
                nf_conntrack_event_cache(IPCT_HELPINFO_VOLATILE, skb);
        }