From: Jan Engelhardt <jengelh@medozas.de>
Date: Fri, 11 Feb 2011 00:45:26 +0000 (+0100)
Subject: iptables: fix segfault target option parsing
X-Git-Tag: v1.4.11~76
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=af3d73ec867debb5e38c6c6fde66f05093714fec;p=thirdparty%2Fiptables.git

iptables: fix segfault target option parsing

With v1.4.10-58-g94e247b, target option parsing started to happen in the
wrong case.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---

diff --git a/ip6tables.c b/ip6tables.c
index 5561a7d5..9f0b8926 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1245,9 +1245,9 @@ static void command_default(struct iptables_command_state *cs)
 	struct xtables_rule_match *matchp;
 	struct xtables_match *m;
 
-	if (cs->target == NULL || cs->target->parse == NULL ||
-	    cs->c < cs->target->option_offset ||
-	    cs->c >= cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
+	if (cs->target != NULL && cs->target->parse != NULL &&
+	    cs->c >= cs->target->option_offset &&
+	    cs->c < cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
 		cs->target->parse(cs->c - cs->target->option_offset, cs->argv,
 				  cs->invert, &cs->target->tflags, &cs->fw6,
 				  &cs->target->t);
diff --git a/iptables.c b/iptables.c
index 33fd8822..a73df3ea 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1269,9 +1269,9 @@ static void command_default(struct iptables_command_state *cs)
 	struct xtables_rule_match *matchp;
 	struct xtables_match *m;
 
-	if (cs->target == NULL || cs->target->parse == NULL ||
-	    cs->c < cs->target->option_offset ||
-	    cs->c >= cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
+	if (cs->target != NULL && cs->target->parse != NULL &&
+	    cs->c >= cs->target->option_offset &&
+	    cs->c < cs->target->option_offset + XT_OPTION_OFFSET_SCALE) {
 		cs->target->parse(cs->c - cs->target->option_offset, cs->argv,
 				  cs->invert, &cs->target->tflags, &cs->fw,
 				  &cs->target->t);