X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=target%2Flinux%2Fgeneric%2Fpatches-4.4%2F610-netfilter_match_bypass_default_checks.patch;h=257bcf79ee7ff928d1e22f75a4da8e21d0f5b91b;hb=f569eb5ecc7787aaaac441f025673dacdb483e31;hp=1b54a8480f6b8df4fdc3e662519f564df1e3032d;hpb=1652ef79ee7b82fa944f305816419c9f14ec1e94;p=librecmc%2Flibrecmc.git

diff --git a/target/linux/generic/patches-4.4/610-netfilter_match_bypass_default_checks.patch b/target/linux/generic/patches-4.4/610-netfilter_match_bypass_default_checks.patch
index 1b54a8480f..257bcf79ee 100644
--- a/target/linux/generic/patches-4.4/610-netfilter_match_bypass_default_checks.patch
+++ b/target/linux/generic/patches-4.4/610-netfilter_match_bypass_default_checks.patch
@@ -50,7 +50,16 @@
  static bool
  ip_checkentry(const struct ipt_ip *ip)
  {
-@@ -953,6 +979,7 @@ copy_entries_to_user(unsigned int total_
+@@ -655,6 +681,8 @@ find_check_entry(struct ipt_entry *e, st
+ 	struct xt_entry_match *ematch;
+ 	unsigned long pcnt;
+ 
++	ip_checkdefault(&e->ip);
++
+ 	pcnt = xt_percpu_counter_alloc();
+ 	if (IS_ERR_VALUE(pcnt))
+ 		return -ENOMEM;
+@@ -953,6 +981,7 @@ copy_entries_to_user(unsigned int total_
  	const struct xt_table_info *private = table->private;
  	int ret = 0;
  	const void *loc_cpu_entry;
@@ -58,7 +67,7 @@
  
  	counters = alloc_counters(table);
  	if (IS_ERR(counters))
-@@ -979,6 +1006,14 @@ copy_entries_to_user(unsigned int total_
+@@ -979,6 +1008,14 @@ copy_entries_to_user(unsigned int total_
  			ret = -EFAULT;
  			goto free_counters;
  		}