From 6db2ded2f22a7e78743c86af523b8430876582e9 Mon Sep 17 00:00:00 2001 From: Christian Perle Date: Tue, 17 Feb 2009 17:31:52 +0100 Subject: libxt_policy: cannot set spi/reqid numbers higher than 0x7fffffff http://bugzilla.netfilter.org/show_bug.cgi?id=577 When using the -m policy match, the option argument for --spi is converted using strtol(), which returns a signed 32 bit value, so the highest positive value is 0x7fffffff. Instead strtoul() should be used. The same applies for the --reqid option argument. Signed-off-by: Patrick McHardy --- extensions/libipt_policy.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'extensions/libipt_policy.c') diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c index 6ae51e7c..a538927f 100644 --- a/extensions/libipt_policy.c +++ b/extensions/libipt_policy.c @@ -166,7 +166,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, e->match.reqid = 1; e->invert.reqid = invert; - e->reqid = strtol(argv[optind-1], NULL, 10); + e->reqid = strtoul(argv[optind-1], NULL, 10); break; case '5': if (e->match.spi) @@ -175,7 +175,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, e->match.spi = 1; e->invert.spi = invert; - e->spi = strtol(argv[optind-1], NULL, 0x10); + e->spi = strtoul(argv[optind-1], NULL, 0x10); break; case '6': if (e->match.saddr) -- cgit v1.2.3