Group :: System/Kernel and hardware
RPM: iptables
Navigation
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: iptables-1.2.2-iptables-restore-crash-fix.patch
Download
Download
--- iptables-1.2.2/iptables-restore.c.orig Wed Sep 12 19:18:39 2001
+++ iptables-1.2.2/iptables-restore.c Wed Sep 12 19:38:50 2001
@@ -255,6 +255,9 @@
char *param_start, *curchar;
int quote_open;
+ /* temporary pointer for parsing stuff */
+ char *pos = NULL;
+
/* reset the newargv */
newargc = 0;
@@ -284,7 +287,23 @@
/* start command parsing at start of line */
parsestart = buffer;
}
-
+
+ /* The following two if statements are a patch
+ * to prevent iptables-restore from crashing
+ * when someone passes data that isn't in the format
+ * of iptables-save. - Ben Reser <ben@reser.org> */
+ if ((pos = strstr(buffer, "-t"))) {+ pos += 2;
+ if (*pos == ' ' || *pos == '\t' || *pos == '\n') {+ fprintf(stderr, "Line %u doesn't appear to contain data generated by iptables-save.\n", line);
+ exit(1);
+ }
+ }
+ if (!strlen((char *) &curtable)) {+ fprintf(stderr, "Line %u doesn't appear to contain data generated by iptables-save.\n", line);
+ exit(1);
+ }
+
add_argv(argv[0]);
add_argv("-t");add_argv((char *) &curtable);