]> git.ipfire.org Git - thirdparty/iptables.git/commitdiff
projects / thirdparty / iptables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4107c8d)
Handle *really* large index values without segfaulting.
authorRusty Russell <rusty@linuxcare.com.au>
Sat, 26 Aug 2000 04:39:16 +0000 (04:39 +0000)
committerRusty Russell <rusty@rustcorp.com.au>
Sat, 26 Aug 2000 04:39:16 +0000 (04:39 +0000)
libiptc/libiptc.c patch | blob | blame | history

diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 781a42db971d1d8fa01cff875266219fd2bc65cf..68b5a1491f6212771df75aa44cb9724dab05b514 100644 (file)
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -908,6 +908,7 @@ TC_INSERT_ENTRY(const IPT_CHAINLABEL chain,
        unsigned int chainindex, offset;
        STRUCT_ENTRY_TARGET old;
        struct chain_cache *c;
+       STRUCT_ENTRY *e;
        int ret;
 
        iptc_fn = TC_INSERT_ENTRY;
@@ -918,7 +919,8 @@ TC_INSERT_ENTRY(const IPT_CHAINLABEL chain,
 
        chainindex = entry2index(*handle, c->start);
 
-       if (index2entry(*handle, chainindex + rulenum) > c->end) {
+       e = index2entry(*handle, chainindex + rulenum);
+       if (!e || e > c->end) {
                errno = E2BIG;
                return 0;
        }
@@ -945,6 +947,7 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain,
        unsigned int chainindex, offset;
        STRUCT_ENTRY_TARGET old;
        struct chain_cache *c;
+       STRUCT_ENTRY *e;
        int ret;
 
        iptc_fn = TC_REPLACE_ENTRY;
@@ -956,7 +959,8 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain,
 
        chainindex = entry2index(*handle, c->start);
 
-       if (index2entry(*handle, chainindex + rulenum) >= c->end) {
+       e = index2entry(*handle, chainindex + rulenum);
+       if (!e || e >= c->end) {
                errno = E2BIG;
                return 0;
        }
Mirror of git://git.netfilter.org/iptables