passing ->tos as uintmax_t will clear adjacent fields in the structure,
including invflags.
Fixes: 49479aa12a15 ("ebtables-compat: add 'ip' match extension")
Signed-off-by: Florian Westphal <f...@strlen.de>
---
extensions/libebt_ip.c | 9 ++++++---
extensions/libebt_ip.t | 1 +
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/extensions/libebt_ip.c b/extensions/libebt_ip.c
index 2b28c615fe47..acb9bfcdbbd9 100644
--- a/extensions/libebt_ip.c
+++ b/extensions/libebt_ip.c
@@ -424,14 +424,17 @@ brip_parse(int c, char **argv, int invert, unsigned int
*flags,
info->igmp_type, NULL);
info->bitmask |= EBT_IP_IGMP;
break;
- case IP_EBT_TOS:
+ case IP_EBT_TOS: {
+ uintmax_t tosvalue;
+
if (invert)
info->invflags |= EBT_IP_TOS;
- if (!xtables_strtoul(optarg, NULL, (uintmax_t *)&info->tos,
- 0, 255))
+ if (!xtables_strtoul(optarg, NULL, &tosvalue, 0, 255))
xtables_error(PARAMETER_PROBLEM,
"Problem with specified IP tos");
+ info->tos = tosvalue;
info->bitmask |= EBT_IP_TOS;
+ }
break;
case IP_PROTO:
if (invert)
diff --git a/extensions/libebt_ip.t b/extensions/libebt_ip.t
index 6f99aa56d238..87602367182a 100644
--- a/extensions/libebt_ip.t
+++ b/extensions/libebt_ip.t
@@ -2,6 +2,7 @@
-p ip --ip-src ! 192.168.0.0/24 -j ACCEPT;-p IPv4 --ip-src ! 192.168.0.0/24 -j
ACCEPT;OK
-p IPv4 --ip-dst 10.0.0.1;=;OK
-p IPv4 --ip-tos 0xFF;=;OK
+-p IPv4 --ip-tos ! 0xFF;=;OK
-p IPv4 --ip-proto tcp --ip-dport 22;=;OK
-p IPv4 --ip-proto udp --ip-sport 1024:65535;=;OK
-p IPv4 --ip-proto 253;=;OK
--
2.18.1
