summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2010-03-16 21:09:04 +0100
committerJan Engelhardt <jengelh@medozas.de>2010-03-18 14:20:06 +0100
commit1d1c397db95f1c0cd95f6fa633c1e68acfaacec3 (patch)
treea73194780ee95ca32ceae75a8be425060b420169
parent7d5f7ed802507999c22949b84686d03987fe57ec (diff)
netfilter: xtables: clean up xt_mac match routine
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-rw-r--r--net/netfilter/xt_mac.c18
1 files changed, 10 insertions, 8 deletions
diff --git a/net/netfilter/xt_mac.c b/net/netfilter/xt_mac.c
index c2007116ce5b..2039d0741b37 100644
--- a/net/netfilter/xt_mac.c
+++ b/net/netfilter/xt_mac.c
@@ -26,14 +26,16 @@ MODULE_ALIAS("ip6t_mac");
static bool mac_mt(const struct sk_buff *skb, const struct xt_match_param *par)
{
- const struct xt_mac_info *info = par->matchinfo;
-
- /* Is mac pointer valid? */
- return skb_mac_header(skb) >= skb->head &&
- skb_mac_header(skb) + ETH_HLEN <= skb->data
- /* If so, compare... */
- && ((!compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr))
- ^ info->invert);
+ const struct xt_mac_info *info = par->matchinfo;
+ bool ret;
+
+ if (skb_mac_header(skb) < skb->head)
+ return false;
+ if (skb_mac_header(skb) + ETH_HLEN > skb->data)
+ return false;
+ ret = compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr) == 0;
+ ret ^= info->invert;
+ return ret;
}
static struct xt_match mac_mt_reg __read_mostly = {