From: Jan Engelhardt <jengelh@computergmbh.de>
Date: Wed, 20 Feb 2008 01:20:06 +0000 (-0800)
Subject: [NETFILTER]: xt_iprange: fix subtraction-based comparison
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=27ecb1ff0afa2260e6856c05efd6fedcd0cc76b9;p=linux.git

[NETFILTER]: xt_iprange: fix subtraction-based comparison

The host address parts need to be converted to host-endian first
before arithmetic makes any sense on them.

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/netfilter/xt_iprange.c b/net/netfilter/xt_iprange.c
index 4f984dc603196..500528d60cd7a 100644
--- a/net/netfilter/xt_iprange.c
+++ b/net/netfilter/xt_iprange.c
@@ -102,7 +102,7 @@ iprange_ipv6_sub(const struct in6_addr *a, const struct in6_addr *b)
 	int r;
 
 	for (i = 0; i < 4; ++i) {
-		r = (__force u32)a->s6_addr32[i] - (__force u32)b->s6_addr32[i];
+		r = ntohl(a->s6_addr32[i]) - ntohl(b->s6_addr32[i]);
 		if (r != 0)
 			return r;
 	}