From: Jan Engelhardt <jengelh@computergmbh.de>
Date: Wed, 27 Feb 2008 20:09:05 +0000 (-0800)
Subject: [NETFILTER]: xt_conntrack: fix missing boolean clamping
X-Git-Tag: v3.12-rc1~22171^2~217
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d61f89e9417e68caf9ca801606694c1c960ad179;p=kernel%2Fkernel-generic.git

[NETFILTER]: xt_conntrack: fix missing boolean clamping

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index 8533085..dd192ac 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -231,7 +231,7 @@ conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
 			if (test_bit(IPS_DST_NAT_BIT, &ct->status))
 				statebit |= XT_CONNTRACK_STATE_DNAT;
 		}
-		if ((info->state_mask & statebit) ^
+		if (!!(info->state_mask & statebit) ^
 		    !(info->invert_flags & XT_CONNTRACK_STATE))
 			return false;
 	}