]> git.ipfire.org Git - thirdparty/iptables.git/commit
projects / thirdparty / iptables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 066a195) | patch
xtables-restore: Fix parser feed from line buffer
authorPhil Sutter <phil@nwl.cc>
Wed, 4 Dec 2019 08:56:06 +0000 (09:56 +0100)
committerPhil Sutter <phil@nwl.cc>
Wed, 4 Dec 2019 22:44:28 +0000 (23:44 +0100)
commita103fbfadf4c17b8b12caa57eef72deaaa71a18c
tree57b58f50943667acd1194a14cba45f06069058aatree | snapshot
parent066a19596ae3d69b49a70405e2daf75c929dcd4dcommit | diff
xtables-restore: Fix parser feed from line buffer

When called with --noflush, xtables-restore would trip over chain lines:
Parser uses strtok() to separate chain name, policy and counters which
inserts nul-chars into the source string. Therefore strlen() can't be
used anymore to find end of line. Fix this by caching line length before
calling xtables_restore_parse_line().

Fixes: 09cb517949e69 ("xtables-restore: Improve performance of --noflush operation")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
iptables/tests/shell/testcases/ipt-restore/0010-noflush-new-chain_0 [new file with mode: 0755] blob
iptables/xtables-restore.c diff | blob | blame | history
Mirror of git://git.netfilter.org/iptables