From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Sat, 9 Apr 2011 19:29:08 +0000 (+0200)
Subject: Fix set match/target direction parser
X-Git-Tag: v1.4.11~28^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aeb8af909befedbfc85e9f184471b219e4ea191a;p=thirdparty%2Fiptables.git

Fix set match/target direction parser

The direction parser did not catch when more src/dst direction
parameters were supplied than allowed.
---

diff --git a/extensions/libxt_set.h b/extensions/libxt_set.h
index 6b936911..4ac84fa9 100644
--- a/extensions/libxt_set.h
+++ b/extensions/libxt_set.h
@@ -114,7 +114,7 @@ parse_dirs_v0(const char *opt_arg, struct xt_set_info_v0 *info)
 	if (tmp)
 		xtables_error(PARAMETER_PROBLEM,
 			      "Can't be more src/dst options than %i.", 
-			      IPSET_DIM_MAX - 1);
+			      IPSET_DIM_MAX);
 
 	free(saved);
 }
@@ -124,9 +124,8 @@ parse_dirs(const char *opt_arg, struct xt_set_info *info)
 {
 	char *saved = strdup(opt_arg);
 	char *ptr, *tmp = saved;
-	int i = 0;
 	
-	while (i < (IPSET_DIM_MAX - 1) && tmp != NULL) {
+	while (info->dim < IPSET_DIM_MAX && tmp != NULL) {
 		info->dim++;
 		ptr = strsep(&tmp, ",");
 		if (strncmp(ptr, "src", 3) == 0)
@@ -139,7 +138,7 @@ parse_dirs(const char *opt_arg, struct xt_set_info *info)
 	if (tmp)
 		xtables_error(PARAMETER_PROBLEM,
 			      "Can't be more src/dst options than %i.", 
-			      IPSET_DIM_MAX - 1);
+			      IPSET_DIM_MAX);
 
 	free(saved);
 }