mausezahn: Fix IPv6 address comparison

CMP_INT evaluates its arguments more than once, and thus passing a post-incremented pointer as an argument causes double increments and hence buffer overruns. This can be observed by erratic behavior of IPv6 address ranges. Fix by moving the increment to loop header. Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
author: Petr Machata <petrm@mellanox.com> 2018-05-15 00:59:59 +0300
committer: Tobias Klauser <tklauser@distanz.ch> 2018-05-15 09:05:52 +0200
commit: f6d450a5e4054b7ac17b73fb5081a55479c327d6 (patch)
tree: d41ff0e69179a89bf8623a8287cf6bb7edea9f45
parent: c44813eb1a7546f77b00ae9d1702d8f5c47b7d40 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/staging/tools.c b/staging/tools.c
index 9d2d1be..72445b6 100644
--- a/staging/tools.c
+++ b/staging/tools.c
@@ -233,8 +233,8 @@ int in6_addr_cmp(struct libnet_in6_addr addr1,
 	       *p2 = addr2.__u6_addr.__u6_addr32;
 	int i, val = 0;
 
-	for (i = 0; i < 4; i++) {
-		val = CMP_INT(ntohl(*p1++), ntohl(*p2++));
+	for (i = 0; i < 4; i++, p1++, p2++) {
+		val = CMP_INT(ntohl(*p1), ntohl(*p2));
 		if (val) {
 			break;
 		}
author	Petr Machata <petrm@mellanox.com>	2018-05-15 00:59:59 +0300
committer	Tobias Klauser <tklauser@distanz.ch>	2018-05-15 09:05:52 +0200
commit	f6d450a5e4054b7ac17b73fb5081a55479c327d6 (patch)
tree	d41ff0e69179a89bf8623a8287cf6bb7edea9f45
parent	c44813eb1a7546f77b00ae9d1702d8f5c47b7d40 (diff)