check for invalid port ranges (Thomas Poehnitz)

author Harald Welte <laforge@gnumonks.org>

Fri, 26 Jul 2002 16:27:57 +0000 (16:27 +0000)

committer Harald Welte <laforge@gnumonks.org>

Fri, 26 Jul 2002 16:27:57 +0000 (16:27 +0000)
author Harald Welte <laforge@gnumonks.org>
Fri, 26 Jul 2002 16:27:57 +0000 (16:27 +0000)
committer Harald Welte <laforge@gnumonks.org>
Fri, 26 Jul 2002 16:27:57 +0000 (16:27 +0000)
diff --git a/extensions/libip6t_tcp.c b/extensions/libip6t_tcp.c

index 8e54dc445a617c79e11b97cdc7fd36fdc2984538..1bf1d19876f2715c3fff3d49b837cdd22afd843b 100644 (file)
--- a/extensions/libip6t_tcp.c
+++ b/extensions/libip6t_tcp.c
@@ -77,6 +77,10 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports)
  
                 ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
                 ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+               
+               if (ports[0] > ports[1])
+                       exit_error(PARAMETER_PROBLEM, 
+                                  "invalid portrange (min > max)");
         }
         free(buffer);
  }
diff --git a/extensions/libip6t_udp.c b/extensions/libip6t_udp.c

index fb0505e8eb463fa1ebe9fba36c27ec43c3909ac9..a2e2fe640ce192557fd162a83fd6db5e43fd7226 100644 (file)
--- a/extensions/libip6t_udp.c
+++ b/extensions/libip6t_udp.c
@@ -69,6 +69,10 @@ parse_udp_ports(const char *portstring, u_int16_t *ports)
  
                 ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
                 ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+               if (ports[0] > ports[1])
+                       exit_error(PARAMETER_PROBLEM,
+                                  "invalid portrange (min > max)");
         }
         free(buffer);
  }
diff --git a/extensions/libipt_tcp.c b/extensions/libipt_tcp.c

index acf605016862a84c4d6de1c42614c590f4803307..1ff8f12e3d85cf275dd3a5f5e29cd20bb6a00490 100644 (file)
--- a/extensions/libipt_tcp.c
+++ b/extensions/libipt_tcp.c
@@ -77,6 +77,10 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports)
  
                 ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
                 ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+
+               if (ports[0] > ports[1])
+                       exit_error(PARAMETER_PROBLEM,
+                                  "invalid portrange (min > max)");
         }
         free(buffer);
  }
diff --git a/extensions/libipt_udp.c b/extensions/libipt_udp.c

index 622fb43659aa39fc04983df2f6d2e9a4b5d6587a..ccea21054c3bbde50a72a3b591dae4ddb2a84c79 100644 (file)
--- a/extensions/libipt_udp.c
+++ b/extensions/libipt_udp.c
@@ -69,6 +69,10 @@ parse_udp_ports(const char *portstring, u_int16_t *ports)
  
                 ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
                 ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+               if (ports[0] > ports[1])
+                       exit_error(PARAMETER_PROBLEM,
+                                  "invalid portrange (min > max)");
         }
         free(buffer);
  }
author	Harald Welte <laforge@gnumonks.org>
	Fri, 26 Jul 2002 16:27:57 +0000 (16:27 +0000)
committer	Harald Welte <laforge@gnumonks.org>
	Fri, 26 Jul 2002 16:27:57 +0000 (16:27 +0000)
extensions/libip6t_tcp.c		patch \| blob \| blame \| history
extensions/libip6t_udp.c		patch \| blob \| blame \| history
extensions/libipt_tcp.c		patch \| blob \| blame \| history
extensions/libipt_udp.c		patch \| blob \| blame \| history