xtables: another try at chain name length checking

Since XT_EXTENSION_MAXNAMELEN is now available, make use of it
and clear the confusion.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>

diff --git a/ip6tables-restore.c b/ip6tables-restore.c
index f0725d1e5c0659273c93de2e712b90642562dfba..008566c4433d16cbf03125494a84e960d1088737 100644 (file)
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -253,11 +253,11 @@ int main(int argc, char *argv[])
                                exit(1);
                        }
 
-                       if (strlen(chain) > XT_FUNCTION_MAXNAMELEN - 1)
+                       if (strlen(chain) >= XT_EXTENSION_MAXNAMELEN)
                                xtables_error(PARAMETER_PROBLEM,
                                           "Invalid chain name `%s' "
                                           "(%u chars max)",
-                                          chain, XT_FUNCTION_MAXNAMELEN - 1);
+                                          chain, XT_EXTENSION_MAXNAMELEN - 1);
 
                        if (ip6tc_builtin(chain, handle) <= 0) {
                                if (noflush && ip6tc_is_chain(chain, handle)) {

diff --git a/ip6tables.c b/ip6tables.c
index 4e73d34e0013331618e5bc9eb404b88cde8b0f65..2fff21bf4ac62203a6b714a40a200377fcef0c60 100644 (file)
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -456,10 +456,10 @@ parse_target(const char *targetname)
                xtables_error(PARAMETER_PROBLEM,
                           "Invalid target name (too short)");
 
-       if (strlen(targetname) > XT_FUNCTION_MAXNAMELEN - 1)
+       if (strlen(targetname) >= XT_EXTENSION_MAXNAMELEN)
                xtables_error(PARAMETER_PROBLEM,
                           "Invalid target name `%s' (%u chars max)",
-                          targetname, XT_FUNCTION_MAXNAMELEN - 1);
+                          targetname, XT_EXTENSION_MAXNAMELEN - 1);
 
        for (ptr = targetname; *ptr; ptr++)
                if (isspace(*ptr))

diff --git a/iptables-restore.c b/iptables-restore.c
index 4a74485c97d9fca9d6088b6519db546d3dd9c227..8c6648e98f46281a67e28f077038f1d25931f70b 100644 (file)
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -259,11 +259,11 @@ main(int argc, char *argv[])
                                exit(1);
                        }
 
-                       if (strlen(chain) > XT_FUNCTION_MAXNAMELEN - 1)
+                       if (strlen(chain) >= XT_EXTENSION_MAXNAMELEN)
                                xtables_error(PARAMETER_PROBLEM,
                                           "Invalid chain name `%s' "
                                           "(%u chars max)",
-                                          chain, XT_FUNCTION_MAXNAMELEN - 1);
+                                          chain, XT_EXTENSION_MAXNAMELEN - 1);
 
                        if (iptc_builtin(chain, handle) <= 0) {
                                if (noflush && iptc_is_chain(chain, handle)) {

diff --git a/iptables.c b/iptables.c
index 19c2af5412f450f1e04692610ea00378f45dac5d..efe993e18babcc1fcc85b1929b84605eeff37f89 100644 (file)
--- a/iptables.c
+++ b/iptables.c
@@ -460,10 +460,10 @@ parse_target(const char *targetname)
                xtables_error(PARAMETER_PROBLEM,
                           "Invalid target name (too short)");
 
-       if (strlen(targetname) > XT_FUNCTION_MAXNAMELEN - 1)
+       if (strlen(targetname) >= XT_EXTENSION_MAXNAMELEN)
                xtables_error(PARAMETER_PROBLEM,
                           "Invalid target name `%s' (%u chars max)",
-                          targetname, XT_FUNCTION_MAXNAMELEN - 1);
+                          targetname, XT_EXTENSION_MAXNAMELEN - 1);
 
        for (ptr = targetname; *ptr; ptr++)
                if (isspace(*ptr))

diff --git a/xtables.c b/xtables.c
index 440b2e141487ab676e259b73d1dd888bc4729e23..b4c4f6b326a501c13bb49522ae29e5bc331bebb7 100644 (file)
--- a/xtables.c
+++ b/xtables.c
@@ -545,10 +545,10 @@ xtables_find_match(const char *name, enum xtables_tryload tryload,
        struct xtables_match *ptr;
        const char *icmp6 = "icmp6";
 
-       if (strlen(name) > XT_FUNCTION_MAXNAMELEN - 1)
+       if (strlen(name) >= XT_EXTENSION_MAXNAMELEN)
                xtables_error(PARAMETER_PROBLEM,
                           "Invalid match name \"%s\" (%u chars max)",
-                          name, XT_FUNCTION_MAXNAMELEN - 1);
+                          name, XT_EXTENSION_MAXNAMELEN - 1);
 
        /* This is ugly as hell. Nonetheless, there is no way of changing
         * this without hurting backwards compatibility */
@@ -741,8 +741,7 @@ void xtables_register_match(struct xtables_match *me)
                exit(1);
        }
 
-       /* Revision field stole a char from name. */
-       if (strlen(me->name) >= XT_FUNCTION_MAXNAMELEN-1) {
+       if (strlen(me->name) >= XT_EXTENSION_MAXNAMELEN) {
                fprintf(stderr, "%s: target `%s' has invalid name\n",
                        xt_params->program_name, me->name);
                exit(1);
@@ -827,8 +826,7 @@ void xtables_register_target(struct xtables_target *me)
                exit(1);
        }
 
-       /* Revision field stole a char from name. */
-       if (strlen(me->name) >= XT_FUNCTION_MAXNAMELEN-1) {
+       if (strlen(me->name) >= XT_EXTENSION_MAXNAMELEN) {
                fprintf(stderr, "%s: target `%s' has invalid name\n",
                        xt_params->program_name, me->name);
                exit(1);