extensions: libipt_DNAT/SNAT: fix "OOM" when do translation to nft

When I want to translate SNAT target to nft rule, an error message
was printed out:
  # iptables-translate -A POSTROUTING -j SNAT --to-source 1.1.1.1
  iptables-translate v1.6.0: OOM

Because ipt_natinfo{} started with a xt_entry_target{}, so when we
get the ipt_natinfo pointer, we should use the target itself,
not its data pointer. Yes, it is a little tricky and it's different
with other targets.

Fixes: 7a0992da44cf ("src: introduce struct xt_xlate_{mt,tg}_params")
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index c463f071b3825344ff73fd261f0e966e5eb7212d..78907198f9fac02a37b9d61fff89a3c9bec443be 100644 (file)
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -265,7 +265,7 @@ static void print_range_xlate(const struct nf_nat_ipv4_range *r,
 static int DNAT_xlate(struct xt_xlate *xl,
                      const struct xt_xlate_tg_params *params)
 {
-       const struct ipt_natinfo *info = (const void *)params->target->data;
+       const struct ipt_natinfo *info = (const void *)params->target;
        unsigned int i = 0;
        bool sep_need = false;
        const char *sep = " ";

diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 71717fd8e48d4968dea77e392b48c3541dc25302..5c699d322d8a3988384edfd1dd975cbe69a71946 100644 (file)
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -276,7 +276,7 @@ static void print_range_xlate(const struct nf_nat_ipv4_range *r,
 static int SNAT_xlate(struct xt_xlate *xl,
                      const struct xt_xlate_tg_params *params)
 {
-       const struct ipt_natinfo *info = (const void *)params->target->data;
+       const struct ipt_natinfo *info = (const void *)params->target;
        unsigned int i = 0;
        bool sep_need = false;
        const char *sep = " ";