path: root/iptables/xtables-eb.c
diff options
authorPhil Sutter <>2019-10-22 12:25:28 +0200
committerPhil Sutter <>2019-10-23 10:58:09 +0200
commit4e470fa34761085144640fb561a9ad26b2cde382 (patch)
tree70722e0e5e003fa2a764c8e8a251112bc41f02e4 /iptables/xtables-eb.c
parent3dc433b55bbfaf9df3ee408aaa6282742f377864 (diff)
xtables-restore: Unbreak *tables-restore
Commit 3dc433b55bbfa ("xtables-restore: Fix --table parameter check") installed an error check which evaluated true in all cases as all callers of do_command callbacks pass a pointer to a table name already. Attached test case passed as it tested error condition only. Fix the whole mess by introducing a boolean to indicate whether a table parameter was seen already. Extend the test case to cover positive as well as negative behaviour and to test ebtables-restore and ip6tables-restore as well. Also add the required checking code to the latter since the original commit missed it. Fixes: 3dc433b55bbfa ("xtables-restore: Fix --table parameter check") Signed-off-by: Phil Sutter <> Acked-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/xtables-eb.c')
1 files changed, 3 insertions, 1 deletions
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index aa754d79..fd7d601f 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -780,6 +780,7 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table,
int selected_chain = -1;
struct xtables_rule_match *xtrm_i;
struct ebt_match *match;
+ bool table_set = false;
/* prevent getopt to spoil our error reporting */
optind = 0;
@@ -947,7 +948,7 @@ print_zero:
case 't': /* Table */
ebt_check_option2(&flags, OPT_TABLE);
- if (restore && *table)
+ if (restore && table_set)
"The -t option (seen in line %u) cannot be used in %s.\n",
line, xt_params->program_name);
@@ -956,6 +957,7 @@ print_zero:
"Table name length cannot exceed %d characters",
*table = optarg;
+ table_set = true;
case 'i': /* Input interface */
case 2 : /* Logical input interface */