* iptables: option fix
@ 2011-02-11 1:07 Jan Engelhardt
2011-02-11 1:07 ` [PATCH] iptables: fix segfault target option parsing Jan Engelhardt
2011-02-11 16:57 ` iptables: option fix Patrick McHardy
0 siblings, 2 replies; 3+ messages in thread
From: Jan Engelhardt @ 2011-02-11 1:07 UTC (permalink / raw)
To: kaber; +Cc: netfilter-devel
The following changes since commit 7ada0bb7aafd94ef7c9c076e8be50c80bc549a4f:
Merge branch 'master' of git://dev.medozas.de/iptables (2011-02-09 08:13:23 +0100)
are available in the git repository at:
git://dev.medozas.de/iptables master
Jan Engelhardt (1):
iptables: fix segfault target option parsing
ip6tables.c | 6 +++---
iptables.c | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH] iptables: fix segfault target option parsing
2011-02-11 1:07 iptables: option fix Jan Engelhardt
@ 2011-02-11 1:07 ` Jan Engelhardt
2011-02-11 16:57 ` iptables: option fix Patrick McHardy
1 sibling, 0 replies; 3+ messages in thread
From: Jan Engelhardt @ 2011-02-11 1:07 UTC (permalink / raw)
To: kaber; +Cc: netfilter-devel
With v1.4.10-58-g94e247b, target option parsing started to happen in the
wrong case.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
ip6tables.c | 6 +++---
iptables.c | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/ip6tables.c b/ip6tables.c
index 5561a7d..9f0b892 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1245,9 +1245,9 @@ static void command_default(struct iptables_command_state *cs)
struct xtables_rule_match *matchp;
struct xtables_match *m;
- if (cs->target == NULL || cs->target->parse == NULL ||
- cs->c < cs->target->option_offset ||
- cs->c >= cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
+ if (cs->target != NULL && cs->target->parse != NULL &&
+ cs->c >= cs->target->option_offset &&
+ cs->c < cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
cs->target->parse(cs->c - cs->target->option_offset, cs->argv,
cs->invert, &cs->target->tflags, &cs->fw6,
&cs->target->t);
diff --git a/iptables.c b/iptables.c
index 33fd882..a73df3e 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1269,9 +1269,9 @@ static void command_default(struct iptables_command_state *cs)
struct xtables_rule_match *matchp;
struct xtables_match *m;
- if (cs->target == NULL || cs->target->parse == NULL ||
- cs->c < cs->target->option_offset ||
- cs->c >= cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
+ if (cs->target != NULL && cs->target->parse != NULL &&
+ cs->c >= cs->target->option_offset &&
+ cs->c < cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
cs->target->parse(cs->c - cs->target->option_offset, cs->argv,
cs->invert, &cs->target->tflags, &cs->fw,
&cs->target->t);
--
1.7.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: iptables: option fix
2011-02-11 1:07 iptables: option fix Jan Engelhardt
2011-02-11 1:07 ` [PATCH] iptables: fix segfault target option parsing Jan Engelhardt
@ 2011-02-11 16:57 ` Patrick McHardy
1 sibling, 0 replies; 3+ messages in thread
From: Patrick McHardy @ 2011-02-11 16:57 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
On 11.02.2011 02:07, Jan Engelhardt wrote:
> The following changes since commit 7ada0bb7aafd94ef7c9c076e8be50c80bc549a4f:
>
> Merge branch 'master' of git://dev.medozas.de/iptables (2011-02-09 08:13:23 +0100)
>
> are available in the git repository at:
>
> git://dev.medozas.de/iptables master
>
> Jan Engelhardt (1):
> iptables: fix segfault target option parsing
Pulled, thanks Jan.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-02-11 16:57 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-02-11 1:07 iptables: option fix Jan Engelhardt
2011-02-11 1:07 ` [PATCH] iptables: fix segfault target option parsing Jan Engelhardt
2011-02-11 16:57 ` iptables: option fix Patrick McHardy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).