]> git.ipfire.org Git - thirdparty/iptables.git/commit
projects / thirdparty / iptables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b90e798) | patch
iptables: improve chain name validation
authorPhil Oester <kernel@linuxace.com>
Sat, 5 Oct 2013 16:33:15 +0000 (09:33 -0700)
committerPablo Neira Ayuso <pablo@netfilter.org>
Sun, 3 Nov 2013 20:05:19 +0000 (21:05 +0100)
commite0853f3c285a6ad082e5ed5ff5e308beeeba41d9
tree134a711d4bd7dc6aa65c79cc50e8856c357d1bfatree | snapshot
parentb90e798596465f0ea2daff75d95f4f978f0a8377commit | diff
iptables: improve chain name validation

As pointed out by Andrew Domaszek, iptables allows whitespace to be included in
chain names.  This causes issues with iptables-restore, and later iptables
actions on the chain.  Attached patch disallows whitespace, and also consolidates
all chain name checking into a new function.

This closes netfilter bugzilla #855.

[ Included ip6tables changed as well --pablo ]

Signed-off-by: Phil Oester <kernel@linuxace.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
iptables/ip6tables.c diff | blob | blame | history
iptables/iptables.c diff | blob | blame | history
Mirror of git://git.netfilter.org/iptables