[PATCH] MASQUERADE: fix --to-ports parser

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] MASQUERADE: fix --to-ports parser
@ 2010-02-19  3:30 Dmitry V. Levin
  2010-05-14 11:27 ` Patrick McHardy
  0 siblings, 1 reply; 4+ messages in thread
From: Dmitry V. Levin @ 2010-02-19  3:30 UTC (permalink / raw)
  To: netfilter-devel

[-- Attachment #1: Type: text/plain, Size: 2095 bytes --]

Rewrite port range validator to use xtables_strtoui() and
xtables_param_act().  Original check failed to recognize
such port range errors as "1a-2" and "1-2a".
Also, original parser erroneously denied using port 0,
which is now allowed.

Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
---
 extensions/libipt_MASQUERADE.c |   32 ++++++++++++++++----------------
 1 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 9d7fc17..3386ff3 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -38,34 +38,34 @@ static void MASQUERADE_init(struct xt_entry_target *t)
 static void
 parse_ports(const char *arg, struct nf_nat_multi_range *mr)
 {
-	const char *dash;
-	int port;
+	char *end;
+	unsigned int port, maxport;
 
 	mr->range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 
-	port = atoi(arg);
-	if (port <= 0 || port > 65535)
-		xtables_error(PARAMETER_PROBLEM, "Port \"%s\" not valid\n", arg);
+	if (!xtables_strtoui(arg, &end, &port, 0, UINT16_MAX))
+		xtables_param_act(XTF_BAD_VALUE, "MASQUERADE", "--to-ports", arg);
 
-	dash = strchr(arg, '-');
-	if (!dash) {
+	switch (*end) {
+	case '\0':
 		mr->range[0].min.tcp.port
 			= mr->range[0].max.tcp.port
 			= htons(port);
-	} else {
-		int maxport;
+		return;
+	case '-':
+		if (!xtables_strtoui(end + 1, NULL, &maxport, 0, UINT16_MAX))
+			break;
 
-		maxport = atoi(dash + 1);
-		if (maxport == 0 || maxport > 65535)
-			xtables_error(PARAMETER_PROBLEM,
-				   "Port `%s' not valid\n", dash+1);
 		if (maxport < port)
-			/* People are stupid.  Present reader excepted. */
-			xtables_error(PARAMETER_PROBLEM,
-				   "Port range `%s' funky\n", arg);
+			break;
+
 		mr->range[0].min.tcp.port = htons(port);
 		mr->range[0].max.tcp.port = htons(maxport);
+		return;
+	default:
+		break;
 	}
+	xtables_param_act(XTF_BAD_VALUE, "MASQUERADE", "--to-ports", arg);
 }
 
 static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,


-- 
ldv

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] MASQUERADE: fix --to-ports parser
  2010-02-19  3:30 [PATCH] MASQUERADE: fix --to-ports parser Dmitry V. Levin
@ 2010-05-14 11:27 ` Patrick McHardy
  2010-05-17 20:09   ` Dmitry V. Levin
  0 siblings, 1 reply; 4+ messages in thread
From: Patrick McHardy @ 2010-05-14 11:27 UTC (permalink / raw)
  To: Dmitry V. Levin; +Cc: netfilter-devel

Dmitry V. Levin wrote:
> Rewrite port range validator to use xtables_strtoui() and
> xtables_param_act().  Original check failed to recognize
> such port range errors as "1a-2" and "1-2a".
> Also, original parser erroneously denied using port 0,
> which is now allowed.

This one doesn't apply anymore, could you please rediff and resend?
Thanks!


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH] MASQUERADE: fix --to-ports parser
  2010-05-14 11:27 ` Patrick McHardy
@ 2010-05-17 20:09   ` Dmitry V. Levin
  2010-05-20 14:01     ` Patrick McHardy
  0 siblings, 1 reply; 4+ messages in thread
From: Dmitry V. Levin @ 2010-05-17 20:09 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: netfilter-devel

Rewrite port range validator to use xtables_strtoui() and
xtables_param_act().  Original check failed to recognize
such port range errors as "1a-2" and "1-2a".
Also, original parser erroneously denied using port 0,
which is now allowed.

Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
---
 extensions/libipt_MASQUERADE.c |   32 ++++++++++++++++----------------
 1 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 9d7fc17..3386ff3 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -38,34 +38,34 @@ static void MASQUERADE_init(struct xt_entry_target *t)
 static void
 parse_ports(const char *arg, struct nf_nat_multi_range *mr)
 {
-	const char *dash;
-	int port;
+	char *end;
+	unsigned int port, maxport;
 
 	mr->range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 
-	port = atoi(arg);
-	if (port <= 0 || port > 65535)
-		xtables_error(PARAMETER_PROBLEM, "Port \"%s\" not valid\n", arg);
+	if (!xtables_strtoui(arg, &end, &port, 0, UINT16_MAX))
+		xtables_param_act(XTF_BAD_VALUE, "MASQUERADE", "--to-ports", arg);
 
-	dash = strchr(arg, '-');
-	if (!dash) {
+	switch (*end) {
+	case '\0':
 		mr->range[0].min.tcp.port
 			= mr->range[0].max.tcp.port
 			= htons(port);
-	} else {
-		int maxport;
+		return;
+	case '-':
+		if (!xtables_strtoui(end + 1, NULL, &maxport, 0, UINT16_MAX))
+			break;
 
-		maxport = atoi(dash + 1);
-		if (maxport == 0 || maxport > 65535)
-			xtables_error(PARAMETER_PROBLEM,
-				   "Port `%s' not valid\n", dash+1);
 		if (maxport < port)
-			/* People are stupid.  Present reader excepted. */
-			xtables_error(PARAMETER_PROBLEM,
-				   "Port range `%s' funky\n", arg);
+			break;
+
 		mr->range[0].min.tcp.port = htons(port);
 		mr->range[0].max.tcp.port = htons(maxport);
+		return;
+	default:
+		break;
 	}
+	xtables_param_act(XTF_BAD_VALUE, "MASQUERADE", "--to-ports", arg);
 }
 
 static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
-- 
ldv

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] MASQUERADE: fix --to-ports parser
  2010-05-17 20:09   ` Dmitry V. Levin
@ 2010-05-20 14:01     ` Patrick McHardy
  0 siblings, 0 replies; 4+ messages in thread
From: Patrick McHardy @ 2010-05-20 14:01 UTC (permalink / raw)
  To: Dmitry V. Levin; +Cc: netfilter-devel

Dmitry V. Levin wrote:
> Rewrite port range validator to use xtables_strtoui() and
> xtables_param_act().  Original check failed to recognize
> such port range errors as "1a-2" and "1-2a".
> Also, original parser erroneously denied using port 0,
> which is now allowed.

Applied, thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2010-05-20 14:01 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-02-19  3:30 [PATCH] MASQUERADE: fix --to-ports parser Dmitry V. Levin
2010-05-14 11:27 ` Patrick McHardy
2010-05-17 20:09   ` Dmitry V. Levin
2010-05-20 14:01     ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.