ebtables: Exit gracefully on invalid table names
authorPhil Sutter <phil@nwl.cc>
Thu, 28 Jan 2021 00:09:56 +0000 (01:09 +0100)
committerPhil Sutter <phil@nwl.cc>
Thu, 28 Jan 2021 09:28:57 +0000 (10:28 +0100)
Users are able to cause program abort by passing a table name that
doesn't exist:

| # ebtables-nft -t dummy -P INPUT ACCEPT
| ebtables: nft-cache.c:455: fetch_chain_cache: Assertion `t' failed.
| Aborted

Avoid this by checking table existence just like iptables-nft does upon
parsing '-t' optarg. Since the list of tables is known and fixed,
checking the given name's length is pointless. So just drop that check
in return.

With this patch in place, output looks much better:

| # ebtables-nft -t dummy -P INPUT ACCEPT
| ebtables v1.8.7 (nf_tables): table 'dummy' does not exist
| Perhaps iptables or your kernel needs to be upgraded.

Signed-off-by: Phil Sutter <phil@nwl.cc>
iptables/xtables-eb.c

index cfa9317c78e94b636a425af37d641adb11fbe30f..5bb34d6d292a97b01630b7d7041e613e93f73559 100644 (file)
@@ -914,10 +914,10 @@ print_zero:
                                xtables_error(PARAMETER_PROBLEM,
                                              "The -t option (seen in line %u) cannot be used in %s.\n",
                                              line, xt_params->program_name);
-                       if (strlen(optarg) > EBT_TABLE_MAXNAMELEN - 1)
-                               xtables_error(PARAMETER_PROBLEM,
-                                             "Table name length cannot exceed %d characters",
-                                             EBT_TABLE_MAXNAMELEN - 1);
+                       if (!nft_table_builtin_find(h, optarg))
+                               xtables_error(VERSION_PROBLEM,
+                                             "table '%s' does not exist",
+                                             optarg);
                        *table = optarg;
                        table_set = true;
                        break;
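Review bot: The `nft_table_builtin_find(h, optarg)` check is now the only thing bounding the table name, because the `EBT_TABLE_MAXNAMELEN` length test is dropped in this same hunk, and nothing in the code records that. A short comment above the new `if` would state the invariant, e.g. `/* only builtin tables are accepted, which also bounds the name length */`, so a later change that admits non-builtin tables does not silently remove the length limit. The lookup also relies on `h` having its table list set up before option parsing reaches `-t`. That is presumably the case but cannot be confirmed here, since the enclosing case block starts outside the hunk.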