[PATCH net-next v2 3/3] netfilter: nf_conntrack_amanda: use nf_ct_helper_parse_port()
From: HACKE-RC
Date: Fri May 01 2026 - 02:34:49 EST
Replace the bare simple_strtoul() call with the shared
nf_ct_helper_parse_port(). This removes reliance on the
nul-terminated pbuf string for parsing and validates the port
range in a single call.
The len > 5 guard and port == 0 check are now handled by the
shared parser, which rejects zero and values above 65535.
Reorder local variable declarations to reverse christmas tree.
Fixes: 16958900578b ("[NETFILTER]: nf_conntrack/nf_nat: add amanda helper port")
Signed-off-by: HACKE-RC <rc@xxxxxxxxx>
---
net/netfilter/nf_conntrack_amanda.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/net/netfilter/nf_conntrack_amanda.c b/net/netfilter/nf_conntrack_amanda.c
index d2c09e8dd..30b5c4b84 100644
--- a/net/netfilter/nf_conntrack_amanda.c
+++ b/net/netfilter/nf_conntrack_amanda.c
@@ -88,11 +88,12 @@ static int amanda_help(struct sk_buff *skb,
struct nf_conntrack_expect *exp;
struct nf_conntrack_tuple *tuple;
unsigned int dataoff, start, stop, off, i;
+ nf_nat_amanda_hook_fn *nf_nat_amanda;
char pbuf[sizeof("65535")], *tmp;
+ int ret = NF_ACCEPT;
u_int16_t len;
+ u16 parsed_port;
__be16 port;
- int ret = NF_ACCEPT;
- nf_nat_amanda_hook_fn *nf_nat_amanda;
/* Only look at packets from the Amanda server */
if (CTINFO2DIR(ctinfo) == IP_CT_DIR_ORIGINAL)
@@ -132,10 +133,10 @@ static int amanda_help(struct sk_buff *skb,
break;
pbuf[len] = '\0';
- port = htons(simple_strtoul(pbuf, &tmp, 10));
- len = tmp - pbuf;
- if (port == 0 || len > 5)
+ if (nf_ct_helper_parse_port(pbuf, len, &parsed_port, &tmp))
break;
+ port = htons(parsed_port);
+ len = tmp - pbuf;
exp = nf_ct_expect_alloc(ct);
if (exp == NULL) {
--
2.54.0