path: root/iptables/tests/shell/testcases/ipt-restore/0010-noflush-new-chain_0
diff options
authorPhil Sutter <>2019-12-04 09:56:06 +0100
committerPhil Sutter <>2019-12-04 23:44:28 +0100
commita103fbfadf4c17b8b12caa57eef72deaaa71a18c (patch)
tree57b58f50943667acd1194a14cba45f06069058aa /iptables/tests/shell/testcases/ipt-restore/0010-noflush-new-chain_0
parent066a19596ae3d69b49a70405e2daf75c929dcd4d (diff)
xtables-restore: Fix parser feed from line buffer
When called with --noflush, xtables-restore would trip over chain lines: Parser uses strtok() to separate chain name, policy and counters which inserts nul-chars into the source string. Therefore strlen() can't be used anymore to find end of line. Fix this by caching line length before calling xtables_restore_parse_line(). Fixes: 09cb517949e69 ("xtables-restore: Improve performance of --noflush operation") Signed-off-by: Phil Sutter <> Acked-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/tests/shell/testcases/ipt-restore/0010-noflush-new-chain_0')
1 files changed, 10 insertions, 0 deletions
diff --git a/iptables/tests/shell/testcases/ipt-restore/0010-noflush-new-chain_0 b/iptables/tests/shell/testcases/ipt-restore/0010-noflush-new-chain_0
new file mode 100755
index 00000000..739e684a
--- /dev/null
+++ b/iptables/tests/shell/testcases/ipt-restore/0010-noflush-new-chain_0
@@ -0,0 +1,10 @@
+#!/bin/sh -e
+# assert input feed from buffer doesn't trip over
+# added nul-chars from parsing chain line.
+$XT_MULTI iptables-restore --noflush <<EOF
+:foobar - [0:0]
+-A foobar -j ACCEPT