[NETFILTER]: ctnetlink: fix expectation timeout dumping

When the timer is late its timeout might be before the current time, in which case a very large value is dumped. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2007-12-18 01:37:03 -0500
committer: David S. Miller <davem@davemloft.net> 2008-01-28 17:58:55 -0500
commit: d978e5daec544ec72b28bf72a30dc9ac3da23a35 (patch)
tree: b20f5ecdff8c8ce6c22be48412dadd90686056a0
parent: 77236b6e33b06aaf756a86ed1965ca7d460b1b53 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index dcd0c9a4bb75..75012585efe0 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1356,7 +1356,10 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb,
                          const struct nf_conntrack_expect *exp)
 {
        struct nf_conn *master = exp->master;
-        __be32 timeout = htonl((exp->timeout.expires - jiffies) / HZ);
+        long timeout = (exp->timeout.expires - jiffies) / HZ;
+        if (timeout < 0)
+                timeout = 0;
        if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0)
                goto nla_put_failure;
@@ -1367,7 +1370,7 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb,
                                 CTA_EXPECT_MASTER) < 0)
                goto nla_put_failure;
-        NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, timeout);
+        NLA_PUT_BE32(skb, CTA_EXPECT_TIMEOUT, htonl(timeout));
        NLA_PUT_BE32(skb, CTA_EXPECT_ID, htonl((unsigned long)exp));
        return 0;
author	Patrick McHardy <kaber@trash.net>	2007-12-18 01:37:03 -0500
committer	David S. Miller <davem@davemloft.net>	2008-01-28 17:58:55 -0500
commit	d978e5daec544ec72b28bf72a30dc9ac3da23a35 (patch)
tree	b20f5ecdff8c8ce6c22be48412dadd90686056a0
parent	77236b6e33b06aaf756a86ed1965ca7d460b1b53 (diff)