4 files changed, 12 insertions, 2 deletions

diff --git a/ip6tables.c b/ip6tables.c
index b8449f6e..4ca4bfec 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1714,6 +1714,9 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 					if (matchp->completed ||
 					    matchp->match->parse == NULL)
 						continue;
+					if (c < matchp->match->option_offset ||
+					    c >= matchp->match->option_offset + XT_OPTION_OFFSET_SCALE)
+						continue;
 					if (matchp->match->parse(c - matchp->match->option_offset,
 						     argv, invert,
 						     &matchp->match->mflags,
diff --git a/iptables.c b/iptables.c
index e0efbf1b..bcacd49f 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1746,6 +1746,9 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 					if (matchp->completed ||
 					    matchp->match->parse == NULL)
 						continue;
+					if (c < matchp->match->option_offset ||
+					    c >= matchp->match->option_offset + XT_OPTION_OFFSET_SCALE)
+						continue;
 					if (matchp->match->parse(c - matchp->match->option_offset,
 						     argv, invert,
 						     &matchp->match->mflags,
diff --git a/xshared.h b/xshared.h
index c53b618f..e5b2a02b 100644
--- a/xshared.h
+++ b/xshared.h
@@ -4,6 +4,10 @@
 struct xtables_rule_match;
 struct xtables_target;
 
+enum {
+	XT_OPTION_OFFSET_SCALE = 256,
+};
+
 extern void print_extension_helps(const struct xtables_target *,
 	const struct xtables_rule_match *);
 
diff --git a/xtables.c b/xtables.c
index b6309010..5b7526c8 100644
--- a/xtables.c
+++ b/xtables.c
@@ -49,7 +49,7 @@
 #	define IP6T_SO_GET_REVISION_TARGET	69
 #endif
 #include <getopt.h>
-
+#include "xshared.h"
 
 #define NPROTO	255
 
@@ -111,7 +111,7 @@ struct option *xtables_merge_options(struct option *orig_opts,
 	mp = merge + num_oold;
 
 	/* Second, the new options */
-	xt_params->option_offset += 256;
+	xt_params->option_offset += XT_OPTION_OFFSET_SCALE;
 	*option_offset = xt_params->option_offset;
 	memcpy(mp, newopts, sizeof(*mp) * num_new);