From: Patrick McHardy <kaber@trash.net>
Date: Fri, 20 Nov 2009 13:58:11 +0000 (+0100)
Subject: conntrack: fix --expires parsing
X-Git-Tag: v1.4.6~2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f294f843473718f8d32745600b9a97c0b799e7c5;p=thirdparty%2Fiptables.git

conntrack: fix --expires parsing

Using ranges in --ctexpire results in a parsing error:

conntrack: Bad value for "--expires" option: "1:1000"

The first value is parsed twice, after which the end pointer doesn't
point to the expected '\0' but to the colon.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---

diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index d30871fc..5ca734d2 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -273,7 +273,7 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo2 *info, const char *s)
 		xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
 	max = min;
 	if (*end == ':')
-		if (!xtables_strtoui(s, &end, &max, 0, UINT32_MAX))
+		if (!xtables_strtoui(end + 1, &end, &max, 0, UINT32_MAX))
 			xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
 	if (*end != '\0')
 		xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);