matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

tc: m_xt: Prevent a segfault in libipt 

This happens with NAT targets, such as SNAT, DNAT and MASQUERADE. These
are still not usable with this patch, but at least tc doesn't crash
anymore when one tries to use them.

Signed-off-by: Phil Sutter <phil@nwl.cc>
This commit is contained in:
Phil Sutter 2017-05-23 15:40:57 +02:00 committed by Stephen Hemminger
parent d315b706e9
commit f6fc1055e4
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
tc/m_xt.c
View File

@ -146,6 +146,9 @@ static int parse_ipt(struct action_util *a, int *argc_p,
char ***argv_p, int tca_id, struct nlmsghdr *n)
{
struct xtables_target *m = NULL;
#if XTABLES_VERSION_CODE >= 6
struct ipt_entry fw = {};
#endif
struct rtattr *tail;
int c;
@ -206,7 +209,7 @@ static int parse_ipt(struct action_util *a, int *argc_p,
default:
#if XTABLES_VERSION_CODE >= 6
if (m != NULL && m->x6_parse != NULL) {
xtables_option_tpcall(c, argv, 0, m, NULL);
xtables_option_tpcall(c, argv, 0, m, &fw);
#else
if (m != NULL && m->parse != NULL) {
m->parse(c - m->option_offset, argv, 0,