summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--extensions/libip6t_tcp.c4
-rw-r--r--extensions/libip6t_udp.c4
-rw-r--r--extensions/libipt_tcp.c4
-rw-r--r--extensions/libipt_udp.c4
4 files changed, 16 insertions, 0 deletions
diff --git a/extensions/libip6t_tcp.c b/extensions/libip6t_tcp.c
index 8e54dc4..1bf1d19 100644
--- a/extensions/libip6t_tcp.c
+++ b/extensions/libip6t_tcp.c
@@ -77,6 +77,10 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports)
ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}
diff --git a/extensions/libip6t_udp.c b/extensions/libip6t_udp.c
index fb0505e..a2e2fe6 100644
--- a/extensions/libip6t_udp.c
+++ b/extensions/libip6t_udp.c
@@ -69,6 +69,10 @@ parse_udp_ports(const char *portstring, u_int16_t *ports)
ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}
diff --git a/extensions/libipt_tcp.c b/extensions/libipt_tcp.c
index acf6050..1ff8f12 100644
--- a/extensions/libipt_tcp.c
+++ b/extensions/libipt_tcp.c
@@ -77,6 +77,10 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports)
ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}
diff --git a/extensions/libipt_udp.c b/extensions/libipt_udp.c
index 622fb43..ccea210 100644
--- a/extensions/libipt_udp.c
+++ b/extensions/libipt_udp.c
@@ -69,6 +69,10 @@ parse_udp_ports(const char *portstring, u_int16_t *ports)
ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}