netfilter: nf_nat: fix out-of-bounds access in address selection

include/linux/jhash.h:138:16: warning: array subscript is above array bounds [jhash2() expects the number of u32 in the key] Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2012-09-05 10:10:28 +0000
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2012-09-09 20:18:55 +0200
commit: 5693d68df6883f039d24a4ce8b23ac48f94a73e5 (patch)
tree: 03f2ecf48c97b0b1a9ee05918743a9c7f983ad53 /net/netfilter
parent: 00545bec9412d130c77f72a08d6c8b6ad21d4a1e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index 29d445235199..1816ad381485 100644
--- a/net/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -255,7 +255,7 @@ find_best_ips_proto(u16 zone, struct nf_conntrack_tuple *tuple,
 	 * client coming from the same IP (some Internet Banking sites
 	 * like this), even across reboots.
 	 */
-	j = jhash2((u32 *)&tuple->src.u3, sizeof(tuple->src.u3),
+	j = jhash2((u32 *)&tuple->src.u3, sizeof(tuple->src.u3) / sizeof(u32),
 		   range->flags & NF_NAT_RANGE_PERSISTENT ?
 			0 : (__force u32)tuple->dst.u3.all[max] ^ zone);
author	Florian Westphal <fw@strlen.de>	2012-09-05 10:10:28 +0000
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2012-09-09 20:18:55 +0200
commit	5693d68df6883f039d24a4ce8b23ac48f94a73e5 (patch)
tree	03f2ecf48c97b0b1a9ee05918743a9c7f983ad53 /net/netfilter
parent	00545bec9412d130c77f72a08d6c8b6ad21d4a1e (diff)