conntrack: fix --expires parsing

Using ranges in --ctexpire results in a parsing error:

conntrack: Bad value for "--expires" option: "1:1000"

The first value is parsed twice, after which the end pointer doesn't
point to the expected '\0' but to the colon.

Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index d30871fc37584317194e2a6aa1675d94564edb3a..5ca734d216cd9f450211142b7b7784f4efe99555 100644 (file)
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -273,7 +273,7 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo2 *info, const char *s)
                xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
        max = min;
        if (*end == ':')
-               if (!xtables_strtoui(s, &end, &max, 0, UINT32_MAX))
+               if (!xtables_strtoui(end + 1, &end, &max, 0, UINT32_MAX))
                        xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
        if (*end != '\0')
                xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);