From: Rusty Russell <rusty@linuxcare.com.au>
Date: Sat, 26 Aug 2000 04:39:16 +0000 (+0000)
Subject: Handle *really* large index values without segfaulting.
X-Git-Tag: v1.2.1~127
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2ee3fd0a8d4b1ab65cb4077650cda174b779e6f9;p=thirdparty%2Fiptables.git

Handle *really* large index values without segfaulting.
---

diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 781a42db..68b5a149 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -908,6 +908,7 @@ TC_INSERT_ENTRY(const IPT_CHAINLABEL chain,
 	unsigned int chainindex, offset;
 	STRUCT_ENTRY_TARGET old;
 	struct chain_cache *c;
+	STRUCT_ENTRY *e;
 	int ret;
 
 	iptc_fn = TC_INSERT_ENTRY;
@@ -918,7 +919,8 @@ TC_INSERT_ENTRY(const IPT_CHAINLABEL chain,
 
 	chainindex = entry2index(*handle, c->start);
 
-	if (index2entry(*handle, chainindex + rulenum) > c->end) {
+	e = index2entry(*handle, chainindex + rulenum);
+	if (!e || e > c->end) {
 		errno = E2BIG;
 		return 0;
 	}
@@ -945,6 +947,7 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain,
 	unsigned int chainindex, offset;
 	STRUCT_ENTRY_TARGET old;
 	struct chain_cache *c;
+	STRUCT_ENTRY *e;
 	int ret;
 
 	iptc_fn = TC_REPLACE_ENTRY;
@@ -956,7 +959,8 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain,
 
 	chainindex = entry2index(*handle, c->start);
 
-	if (index2entry(*handle, chainindex + rulenum) >= c->end) {
+	e = index2entry(*handle, chainindex + rulenum);
+	if (!e || e >= c->end) {
 		errno = E2BIG;
 		return 0;
 	}