prevent ip(6)tables-restore from crashing when a line contains -t

author Harald Welte <laforge@gnumonks.org>

Tue, 16 Oct 2001 07:53:34 +0000 (07:53 +0000)

committer Harald Welte <laforge@gnumonks.org>

Tue, 16 Oct 2001 07:53:34 +0000 (07:53 +0000)
author Harald Welte <laforge@gnumonks.org>
Tue, 16 Oct 2001 07:53:34 +0000 (07:53 +0000)
committer Harald Welte <laforge@gnumonks.org>
Tue, 16 Oct 2001 07:53:34 +0000 (07:53 +0000)
diff --git a/ip6tables-restore.c b/ip6tables-restore.c

index 5be8a1f5eaa83b18d7baf09d60ffc42593d7261b..d0c778a3bd7f5a3fbedbea5b205f5f4695bd4501 100644 (file)
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -294,6 +294,22 @@ int main(int argc, char *argv[])
                                  parsestart = buffer;
                          }
  
+                       /* prevent iptables-restore from crashing in do_command
+                        * when someone passes a "-t" on the line.
+                        *  - Ben Reser <ben@reser.org> */
+                       if (strstr(buffer, "-t")) {
+                               exit_error(PARAMETER_PROBLEM, 
+                                          "Line %u seems to have a "
+                                          " -t table option.\n", line);
+                               exit(1);
+                       }
+                       if (!strlen((char *) &curtable)) {
+                               exit_error(PARAMETER_PROBLEM,
+                                          "Line %u seems to to have a "
+                                          " zero-length table name.\n", line);
+                               exit(1);
+                       } 
+                       
                          add_argv(argv[0]);
                          add_argv("-t");
                          add_argv((char *) &curtable);
diff --git a/iptables-restore.c b/iptables-restore.c

index 2f4d87687858a9f11b81062fbc53a839b76f7d9e..8465beb18f73a2097d6ed76cd633b97b72abbaac 100644 (file)
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -4,7 +4,7 @@
   *
   * This coude is distributed under the terms of GNU GPL
   *
- * $Id: iptables-restore.c,v 1.13 2001/06/16 18:25:25 laforge Exp $
+ * $Id: iptables-restore.c,v 1.14 2001/08/06 18:50:22 laforge Exp $
   */
  
  #include <getopt.h>
@@ -289,6 +289,22 @@ int main(int argc, char *argv[])
                                 parsestart = buffer;
                         }
  
+                       /* prevent iptables-restore from crashing in do_command
+                        * when someone passes a "-t" on the line.
+                        *  - Ben Reser <ben@reser.org> */
+                       if (strstr(buffer, "-t")) {
+                               exit_error(PARAMETER_PROBLEM, 
+                                          "Line %u seems to have a "
+                                          " -t table option.\n", line);
+                               exit(1);
+                       }
+                       if (!strlen((char *) &curtable)) {
+                               exit_error(PARAMETER_PROBLEM,
+                                          "Line %u seems to to have a "
+                                          " zero-length table name.\n", line);
+                               exit(1);
+                       } 
+                       
                         add_argv(argv[0]);
                         add_argv("-t");
                         add_argv((char *) &curtable);
author	Harald Welte <laforge@gnumonks.org>
	Tue, 16 Oct 2001 07:53:34 +0000 (07:53 +0000)
committer	Harald Welte <laforge@gnumonks.org>
	Tue, 16 Oct 2001 07:53:34 +0000 (07:53 +0000)
ip6tables-restore.c		patch \| blob \| blame \| history
iptables-restore.c		patch \| blob \| blame \| history