summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--libiptc/libiptc.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 781a42db..68b5a149 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -908,6 +908,7 @@ TC_INSERT_ENTRY(const IPT_CHAINLABEL chain,
unsigned int chainindex, offset;
STRUCT_ENTRY_TARGET old;
struct chain_cache *c;
+ STRUCT_ENTRY *e;
int ret;
iptc_fn = TC_INSERT_ENTRY;
@@ -918,7 +919,8 @@ TC_INSERT_ENTRY(const IPT_CHAINLABEL chain,
chainindex = entry2index(*handle, c->start);
- if (index2entry(*handle, chainindex + rulenum) > c->end) {
+ e = index2entry(*handle, chainindex + rulenum);
+ if (!e || e > c->end) {
errno = E2BIG;
return 0;
}
@@ -945,6 +947,7 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain,
unsigned int chainindex, offset;
STRUCT_ENTRY_TARGET old;
struct chain_cache *c;
+ STRUCT_ENTRY *e;
int ret;
iptc_fn = TC_REPLACE_ENTRY;
@@ -956,7 +959,8 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain,
chainindex = entry2index(*handle, c->start);
- if (index2entry(*handle, chainindex + rulenum) >= c->end) {
+ e = index2entry(*handle, chainindex + rulenum);
+ if (!e || e >= c->end) {
errno = E2BIG;
return 0;
}