libipt_statistic: add a few missing validity checks

author Nicolas Bouliane <nicboul@gmail.com>

Tue, 3 Jul 2007 12:52:55 +0000 (12:52 +0000)

committer Patrick McHardy <kaber@trash.net>

Tue, 3 Jul 2007 12:52:55 +0000 (12:52 +0000)
author Nicolas Bouliane <nicboul@gmail.com>
Tue, 3 Jul 2007 12:52:55 +0000 (12:52 +0000)
committer Patrick McHardy <kaber@trash.net>
Tue, 3 Jul 2007 12:52:55 +0000 (12:52 +0000)
diff --git a/extensions/libipt_statistic.c b/extensions/libipt_statistic.c

index 4ed18138bad503d9a4e82f9455d82ba83bb4f686..f8aad2acd4215560f7f4c469a8a1614e75903fa9 100644 (file)
--- a/extensions/libipt_statistic.c
+++ b/extensions/libipt_statistic.c
@@ -113,6 +113,15 @@ final_check(unsigned int flags)
         if (flags & 0x8 && info->mode != XT_STATISTIC_MODE_NTH)
                 exit_error(PARAMETER_PROBLEM,
                            "--packet can only be used in nth mode");
+       if ((flags & 0x8) && !(flags & 0x4))
+               exit_error(PARAMETER_PROBLEM,
+                          "--packet can only be used with --every");
+       /* at this point, info->u.nth.every have been decreased. */
+       if (!(info->u.nth.packet >= 0 && info->u.nth.packet <= info->u.nth.every))
+               exit_error(PARAMETER_PROBLEM,
+                         "the --packet p must be 0 <= p <= n-1");
+
+
         info->u.nth.count = info->u.nth.every - info->u.nth.packet;
  }
author	Nicolas Bouliane <nicboul@gmail.com>
	Tue, 3 Jul 2007 12:52:55 +0000 (12:52 +0000)
committer	Patrick McHardy <kaber@trash.net>
	Tue, 3 Jul 2007 12:52:55 +0000 (12:52 +0000)