@@ -50,26 +50,6 @@ static struct option geoip_opts[] = {
};
#if __BYTE_ORDER == __LITTLE_ENDIAN
-static void geoip_swap_le16(uint16_t *buf)
-{
- unsigned char *p = (void *)buf;
- uint16_t n= p[0] + (p[1] << 8);
- p[0] = (n >> 8) & 0xff;
- p[1] = n & 0xff;
-}
-
-static void geoip_swap_in6(struct in6_addr *in6)
-{
- geoip_swap_le16(&in6->s6_addr16[0]);
- geoip_swap_le16(&in6->s6_addr16[1]);
- geoip_swap_le16(&in6->s6_addr16[2]);
- geoip_swap_le16(&in6->s6_addr16[3]);
- geoip_swap_le16(&in6->s6_addr16[4]);
- geoip_swap_le16(&in6->s6_addr16[5]);
- geoip_swap_le16(&in6->s6_addr16[6]);
- geoip_swap_le16(&in6->s6_addr16[7]);
-}
-
static void geoip_swap_le32(uint32_t *buf)
{
unsigned char *p = (void *)buf;
@@ -79,6 +59,14 @@ static void geoip_swap_le32(uint32_t *buf)
p[2] = (n >> 8) & 0xff;
p[3] = n & 0xff;
}
+
+static void geoip_swap_in6(struct in6_addr *in6)
+{
+ geoip_swap_le32(&in6->s6_addr32[0]);
+ geoip_swap_le32(&in6->s6_addr32[1]);
+ geoip_swap_le32(&in6->s6_addr32[2]);
+ geoip_swap_le32(&in6->s6_addr32[3]);
+}
#endif
static void *
The Perl script that builds the GeoIP DB's uses inet_pton(3) to convert the addresses to network byte-order. This swaps 32-bit segments and converts: 1234:5678::90ab:cdef to: 8765:4321::fedc:ba09 The kernel module compares the addresses in packets with the ranges from the DB in host byte-order using binary search. It uses 32-bit swaps when converting the addresses. libxt_geoip, however, which the module uses to load the ranges from the DB and convert them from NBO to HBO, uses 16-bit swaps to do so, and this means that: 1234:5678::90ab:cdef becomes: 4321:8765::ba09:fedc Obviously, this is inconsistent with the kernel-module and DB build- script and breaks the binary search. Fixes: b91dbd03c717 ("geoip: store database in network byte order") Reported-by: "Thomas B. Clark" <kernel@clark.bz> Signed-off-by: Jeremy Sowden <jeremy@azazel.net> --- extensions/libxt_geoip.c | 28 ++++++++-------------------- 1 file changed, 8 insertions(+), 20 deletions(-)