From: Chris Wright <chrisw@sous-sol.org>
Date: Fri, 2 Feb 2007 23:35:47 +0000 (-0800)
Subject: netfilter patch for stable
X-Git-Tag: v2.6.19.3~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=470ba8e6d95391446766dbe19731dcb1d28b99e5;p=thirdparty%2Fkernel%2Fstable-queue.git

netfilter patch for stable
---

diff --git a/queue-2.6.19/netfilter-xt_connbytes-fix-division-by-zero.patch b/queue-2.6.19/netfilter-xt_connbytes-fix-division-by-zero.patch
new file mode 100644
index 00000000000..8a794d8fe1c
--- /dev/null
+++ b/queue-2.6.19/netfilter-xt_connbytes-fix-division-by-zero.patch
@@ -0,0 +1,76 @@
+From stable-bounces@linux.kernel.org  Tue Jan 30 16:37:35 2007
+Message-ID: <45BFE271.6000704@trash.net>
+Date: Wed, 31 Jan 2007 01:27:29 +0100
+From: Patrick McHardy <kaber@trash.net>
+To: stable@kernel.org
+Cc: Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>, "David S. Miller" <davem@davemloft.net>
+Subject: NETFILTER: xt_connbytes: fix division by zero
+
+When the packet counter of a connection is zero a division by zero
+occurs in div64_64(). Fix that by using zero as average value, which
+is correct as long as the packet counter didn't overflow, at which
+point we have lost anyway.
+
+Additionally we're probably going to go back to 64 bit counters
+in 2.6.21.
+
+Based on patch from Jonas Berlin <xkr47@outerspace.dyndns.org>,
+with suggestions from KOVACS Krisztian <hidden@balabit.hu>.
+
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+---
+ net/netfilter/xt_connbytes.c |   29 ++++++++++++-----------------
+ 1 file changed, 12 insertions(+), 17 deletions(-)
+
+--- linux-2.6.19.2.orig/net/netfilter/xt_connbytes.c
++++ linux-2.6.19.2/net/netfilter/xt_connbytes.c
+@@ -52,6 +52,8 @@ match(const struct sk_buff *skb,
+ {
+ 	const struct xt_connbytes_info *sinfo = matchinfo;
+ 	u_int64_t what = 0;	/* initialize to make gcc happy */
++	u_int64_t bytes = 0;
++	u_int64_t pkts = 0;
+ 	const struct ip_conntrack_counter *counters;
+ 
+ 	if (!(counters = nf_ct_get_counters(skb)))
+@@ -89,29 +91,22 @@ match(const struct sk_buff *skb,
+ 	case XT_CONNBYTES_AVGPKT:
+ 		switch (sinfo->direction) {
+ 		case XT_CONNBYTES_DIR_ORIGINAL:
+-			what = div64_64(counters[IP_CT_DIR_ORIGINAL].bytes,
+-					counters[IP_CT_DIR_ORIGINAL].packets);
++			bytes = counters[IP_CT_DIR_ORIGINAL].bytes;
++			pkts  = counters[IP_CT_DIR_ORIGINAL].packets;
+ 			break;
+ 		case XT_CONNBYTES_DIR_REPLY:
+-			what = div64_64(counters[IP_CT_DIR_REPLY].bytes,
+-					counters[IP_CT_DIR_REPLY].packets);
++			bytes = counters[IP_CT_DIR_REPLY].bytes;
++			pkts  = counters[IP_CT_DIR_REPLY].packets;
+ 			break;
+ 		case XT_CONNBYTES_DIR_BOTH:
+-			{
+-				u_int64_t bytes;
+-				u_int64_t pkts;
+-				bytes = counters[IP_CT_DIR_ORIGINAL].bytes +
+-					counters[IP_CT_DIR_REPLY].bytes;
+-				pkts = counters[IP_CT_DIR_ORIGINAL].packets+
+-					counters[IP_CT_DIR_REPLY].packets;
+-
+-				/* FIXME_THEORETICAL: what to do if sum
+-				 * overflows ? */
+-
+-				what = div64_64(bytes, pkts);
+-			}
++			bytes = counters[IP_CT_DIR_ORIGINAL].bytes +
++				counters[IP_CT_DIR_REPLY].bytes;
++			pkts  = counters[IP_CT_DIR_ORIGINAL].packets +
++				counters[IP_CT_DIR_REPLY].packets;
+ 			break;
+ 		}
++		if (pkts != 0)
++			what = div64_64(bytes, pkts);
+ 		break;
+ 	}
+ 
diff --git a/queue-2.6.19/series b/queue-2.6.19/series
index 003b553893d..f7dfc638f59 100644
--- a/queue-2.6.19/series
+++ b/queue-2.6.19/series
@@ -53,4 +53,5 @@ af_packet-check-device-down-state-before-hard-header-callbacks.patch
 tcp-rare-bad-tcp-checksum-with-2.6.19.patch
 tcp-fix-sorting-of-sack-blocks.patch
 tcp-skb-is-unexpectedly-freed.patch
+netfilter-xt_connbytes-fix-division-by-zero.patch
 sunrpc-give-cloned-rpc-clients-their-own-rpc_pipefs-directory.patch