From b77f1dafb9f35752bb9685323bcacb32a0e6ddc5 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Thu, 14 Mar 2002 11:35:58 +0000 Subject: Fix 'iptables -p !' bug (segfault when `!' used without argument) --- ip6tables.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'ip6tables.c') diff --git a/ip6tables.c b/ip6tables.c index 22d636eb..b4d6ea55 100644 --- a/ip6tables.c +++ b/ip6tables.c @@ -424,14 +424,20 @@ add_command(int *cmd, const int newcmd, const int othercmds, int invert) } int -check_inverse(const char option[], int *invert) +check_inverse(const char option[], int *invert, int *optind, int argc) { if (option && strcmp(option, "!") == 0) { if (*invert) exit_error(PARAMETER_PROBLEM, "Multiple `!' flags not allowed"); - *invert = TRUE; + if (optind) { + *optind = *optind+1; + if (argc && *optind > argc) + exit_error(PARAMETER_PROBLEM, + "no argument following `!'"); + } + return TRUE; } return FALSE; @@ -1838,8 +1844,7 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle) * Option selection */ case 'p': - if (check_inverse(optarg, &invert)) - optind++; + check_inverse(optarg, &invert, &optind, argc); set_option(&options, OPT_PROTOCOL, &fw.ipv6.invflags, invert); @@ -1861,8 +1866,7 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle) break; case 's': - if (check_inverse(optarg, &invert)) - optind++; + check_inverse(optarg, &invert, &optind, argc); set_option(&options, OPT_SOURCE, &fw.ipv6.invflags, invert); shostnetworkmask = argv[optind-1]; @@ -1870,8 +1874,7 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle) break; case 'd': - if (check_inverse(optarg, &invert)) - optind++; + check_inverse(optarg, &invert, &optind, argc); set_option(&options, OPT_DESTINATION, &fw.ipv6.invflags, invert); dhostnetworkmask = argv[optind-1]; @@ -1901,8 +1904,7 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle) case 'i': - if (check_inverse(optarg, &invert)) - optind++; + check_inverse(optarg, &invert, &optind, argc); set_option(&options, OPT_VIANAMEIN, &fw.ipv6.invflags, invert); parse_interface(argv[optind-1], @@ -1912,8 +1914,7 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle) break; case 'o': - if (check_inverse(optarg, &invert)) - optind++; + check_inverse(optarg, &invert, &optind, argc); set_option(&options, OPT_VIANAMEOUT, &fw.ipv6.invflags, invert); parse_interface(argv[optind-1], -- cgit v1.2.3