xshared: Accept an option if any given command allows it

Fixed commit made option checking overly strict: Some commands may be
commbined (foremost --list and --zero), reject a given option only if it
is not allowed by any of the given commands.

Reported-by: Adam Nielsen <a.nielsen@shikadi.net>
Fixes: 9c09d28102bb4 ("xshared: Simplify generic_opt_check()")
Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/xshared.c b/iptables/xshared.c
index cdfd11ab2f279a0ffa22f0f9747406cc3bea5cf2..fc61e0fd832bd9ee0b5f9cc2f8d98edff29f2873 100644 (file)
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -980,7 +980,7 @@ static void generic_opt_check(struct xt_cmd_parse_ops *ops,
         */
        for (i = 0, optval = 1; i < NUMBER_OF_OPT; optval = (1 << ++i)) {
                if ((options & optval) &&
-                   (options_v_commands[i] & command) != command)
+                   !(options_v_commands[i] & command))
                        xtables_error(PARAMETER_PROBLEM,
                                      "Illegal option `%s' with this command",
                                      ops->option_name(optval));