From: Phil Sutter <phil@nwl.cc>
Date: Sun, 17 Dec 2023 12:02:36 +0000 (+0100)
Subject: libxtables: xtoptions: Prevent XTOPT_PUT with XTTYPE_HOSTMASK
X-Git-Tag: v1.8.11~118
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17d724f20e3c97ea8ce8765ca532a3cf49a98b31;p=thirdparty%2Fiptables.git

libxtables: xtoptions: Prevent XTOPT_PUT with XTTYPE_HOSTMASK

Do as the comment in xtopt_parse_hostmask() claims and omit
XTTYPE_HOSTMASK from xtopt_psize array so xtables_option_metavalidate()
will catch the incompatibility.

Fixes: 66266abd17adc ("libxtables: XTTYPE_HOSTMASK support")
---

diff --git a/include/xtables.h b/include/xtables.h
index b3c45c98..db7c492a 100644
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -61,7 +61,6 @@ struct in_addr;
  * %XTTYPE_SYSLOGLEVEL:	syslog level by name or number
  * %XTTYPE_HOST:	one host or address (ptr: union nf_inet_addr)
  * %XTTYPE_HOSTMASK:	one host or address, with an optional prefix length
- * 			(ptr: union nf_inet_addr; only host portion is stored)
  * %XTTYPE_PROTOCOL:	protocol number/name from /etc/protocols (ptr: uint8_t)
  * %XTTYPE_PORT:	16-bit port name or number (supports %XTOPT_NBO)
  * %XTTYPE_PORTRC:	colon-separated port range (names acceptable),
diff --git a/libxtables/xtoptions.c b/libxtables/xtoptions.c
index 5964a9bf..96946391 100644
--- a/libxtables/xtoptions.c
+++ b/libxtables/xtoptions.c
@@ -57,7 +57,6 @@ static const size_t xtopt_psize[] = {
 	[XTTYPE_STRING]      = -1,
 	[XTTYPE_SYSLOGLEVEL] = sizeof(uint8_t),
 	[XTTYPE_HOST]        = sizeof(union nf_inet_addr),
-	[XTTYPE_HOSTMASK]    = sizeof(union nf_inet_addr),
 	[XTTYPE_PROTOCOL]    = sizeof(uint8_t),
 	[XTTYPE_PORT]        = sizeof(uint16_t),
 	[XTTYPE_PORTRC]      = sizeof(uint16_t[2]),