summaryrefslogtreecommitdiffstats
path: root/iptables.c
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2008-08-04 12:51:01 +0200
committerPatrick McHardy <kaber@trash.net>2008-08-04 12:51:01 +0200
commitd0cbf5f34d3421064eb0fbbcdc6b90cda4e81f2d (patch)
tree1a271189fda828a4dbe4b89a8194d8d8c47444a9 /iptables.c
parent415a8580cc2b053687c197e8e25d606e8420c672 (diff)
iptables-restore: fix segmentation fault with -tanything
Reference: Debian bug #458042 iptables-restore must not pass a table into do_command. It checks for "-t arg" and "--table arg", but not "-targ". (On a related note, using -targ does not work as expected). This should fail gracefully, but crashes: iptables-restore <(echo -e '*filter\n-A INPUT -tx\nCOMMIT') And this should use table "filter", or perhaps raise an error, but instead sets the table to (literally) "-tfilter": iptables -tfilter -A INPUT Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'iptables.c')
-rw-r--r--iptables.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/iptables.c b/iptables.c
index bf3cbca2..41e18361 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1764,7 +1764,7 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
if (invert)
exit_error(PARAMETER_PROBLEM,
"unexpected ! flag before --table");
- *table = argv[optind-1];
+ *table = optarg;
break;
case 'x':
@@ -1911,8 +1911,7 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
}
if (!m)
exit_error(PARAMETER_PROBLEM,
- "Unknown arg `%s'",
- argv[optind-1]);
+ "Unknown arg `%s'", optarg);
}
}
invert = FALSE;