diff mbox

[2/5] xt_qtaguid: fix broken uid/gid range check

Message ID 1446073566-6401-3-git-send-email-john.stultz@linaro.org
State New
Headers show

Commit Message

John Stultz Oct. 28, 2015, 11:06 p.m. UTC 
From: Amit Pundir <amit.pundir@linaro.org>


The existing test to check if current uid/gid is within
valid range is broken due to missing parenthesis.

Change-Id: I889ebbd0e2ea6a9426cb1509a2975e7107666407
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>

[jstultz: Cherry picked from Amit's tree]
Signed-off-by: John Stultz <john.stultz@linaro.org>

---
 net/netfilter/xt_qtaguid.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

-- 
1.9.1
diff mbox

Patch

diff --git a/net/netfilter/xt_qtaguid.c b/net/netfilter/xt_qtaguid.c
index 0ad8d7a..9664bec 100644
--- a/net/netfilter/xt_qtaguid.c
+++ b/net/netfilter/xt_qtaguid.c
@@ -1773,8 +1773,8 @@  static bool qtaguid_mt(const struct sk_buff *skb, struct xt_action_param *par)
 		kuid_t uid_min = make_kuid(&init_user_ns, info->uid_min);
 		kuid_t uid_max = make_kuid(&init_user_ns, info->uid_max);
 
-		if (uid_gte(filp->f_cred->fsuid, uid_min) &&
-		     uid_lte(filp->f_cred->fsuid, uid_max) ^
+		if ((uid_gte(filp->f_cred->fsuid, uid_min) &&
+		     uid_lte(filp->f_cred->fsuid, uid_max)) ^
 		    !(info->invert & XT_QTAGUID_UID)) {
 			MT_DEBUG("qtaguid[%d]: leaving uid not matching\n",
 				 par->hooknum);
@@ -1786,8 +1786,8 @@  static bool qtaguid_mt(const struct sk_buff *skb, struct xt_action_param *par)
 		kgid_t gid_min = make_kgid(&init_user_ns, info->gid_min);
 		kgid_t gid_max = make_kgid(&init_user_ns, info->gid_max);
 
-		if (gid_gte(filp->f_cred->fsgid, gid_min) &&
-				gid_lte(filp->f_cred->fsgid, gid_max) ^
+		if ((gid_gte(filp->f_cred->fsgid, gid_min) &&
+				gid_lte(filp->f_cred->fsgid, gid_max)) ^
 			!(info->invert & XT_QTAGUID_GID)) {
 			MT_DEBUG("qtaguid[%d]: leaving gid not matching\n",
 				par->hooknum);