summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2012-04-27 02:00:50 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2012-04-30 10:40:36 +0200
commit6cf51852486af3d79f57bf46d00209a14244dbaa (patch)
tree4d7d7e19422e412bf4cb22100306fece93b8d498 /net
parentipvs: kernel oops - do_ip_vs_get_ctl (diff)
downloadlinux-6cf51852486af3d79f57bf46d00209a14244dbaa.tar.xz
linux-6cf51852486af3d79f57bf46d00209a14244dbaa.zip
netfilter: xt_CT: fix wrong checking in the timeout assignment path
The current checking always succeeded. We have to check the first character of the string to check that it's empty, thus, skipping the timeout path. This fixes the use of the CT target without the timeout option. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/xt_CT.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c
index 59530e93fa58..3746d8b9a478 100644
--- a/net/netfilter/xt_CT.c
+++ b/net/netfilter/xt_CT.c
@@ -227,7 +227,7 @@ static int xt_ct_tg_check_v1(const struct xt_tgchk_param *par)
}
#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
- if (info->timeout) {
+ if (info->timeout[0]) {
typeof(nf_ct_timeout_find_get_hook) timeout_find_get;
struct nf_conn_timeout *timeout_ext;