From: Yasuyuki KOZAKAI Date: Wed, 22 Jun 2005 12:22:44 +0000 (+0000) Subject: This patch prevents user to set negative port value of SNAT/DNAT. X-Git-Tag: v1.3.2~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a3a9c0d3e3d9df70c5ea2e64ef792e194dbfbde7;p=thirdparty%2Fiptables.git This patch prevents user to set negative port value of SNAT/DNAT. (Yasuyuki Kozakai) --- diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c index 94d04e8e..9e4f5253 100644 --- a/extensions/libipt_DNAT.c +++ b/extensions/libipt_DNAT.c @@ -73,7 +73,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED; port = atoi(colon+1); - if (port == 0 || port > 65535) + if (port <= 0 || port > 65535) exit_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", colon+1); @@ -91,7 +91,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) int maxport; maxport = atoi(dash + 1); - if (maxport == 0 || maxport > 65535) + if (maxport <= 0 || maxport > 65535) exit_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", dash+1); if (maxport < port) diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c index 7510f6e7..a893a47d 100644 --- a/extensions/libipt_SNAT.c +++ b/extensions/libipt_SNAT.c @@ -73,7 +73,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED; port = atoi(colon+1); - if (port == 0 || port > 65535) + if (port <= 0 || port > 65535) exit_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", colon+1); @@ -91,7 +91,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) int maxport; maxport = atoi(dash + 1); - if (maxport == 0 || maxport > 65535) + if (maxport <= 0 || maxport > 65535) exit_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", dash+1); if (maxport < port)