From 9d41421a887f4bc4b3ba10174cf43ee2c6b76956 Mon Sep 17 00:00:00 2001
From: Phil Sutter
Date: Thu, 25 Jan 2024 18:14:23 +0100
Subject: libxtables: Reject negative port ranges

Analogous to XTTYPE_UINT*RC value parsing, assert consecutive port values are not lower than previous ones.

Signed-off-by: Phil Sutter
---
 libxtables/xtoptions.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'libxtables/xtoptions.c')

diff --git a/libxtables/xtoptions.c b/libxtables/xtoptions.c
index cecf7d35..0a995a63 100644
--- a/libxtables/xtoptions.c
+++ b/libxtables/xtoptions.c
@@ -604,7 +604,7 @@ static void xtopt_parse_mport(struct xt_option_call *cb)
 const struct xt_option_entry *entry = cb->entry;
 char *lo_arg, *wp_arg, *arg;
 unsigned int maxiter;
- int value;
+ int value, prev = 0;

 wp_arg = lo_arg = xtables_strdup(cb->arg);

@@ -634,6 +634,11 @@ static void xtopt_parse_mport(struct xt_option_call *cb)
 xt_params->exit_err(PARAMETER_PROBLEM,
 "Port \"%s\" does not resolve to "
 "anything.\n", arg);
+ if (value < prev)
+ xt_params->exit_err(PARAMETER_PROBLEM,
+ "Port range %d-%d is negative.\n",
+ prev, value);
+ prev = value;
 if (entry->flags & XTOPT_NBO)
 value = htons(value);
 if (cb->nvals < ARRAY_SIZE(cb->val.port_range))
--
cgit v1.2.3
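Review bot: The new `if (value < prev)` check in the second hunk is only correct because it and `prev = value;` run before the `XTOPT_NBO` branch converts `value` with `htons()`, and nothing in the code records that ordering requirement. If a later edit moved either line below the conversion, the comparison would run on byte-swapped numbers and could accept or reject the wrong ranges. I would add `/* compare in host byte order, i.e. before the XTOPT_NBO conversion below */` above the check. The message also prints only the resolved numbers, whereas the error just before it quotes `arg` as typed, so a user who supplied names rather than numbers (presumably allowed, given the "does not resolve" wording) sees values they never entered; `"Port range %d-%d is inverted.\n"` would also read more plainly than "negative". The enclosing loop and function start and end outside both hunks, so how skipped components interact with `prev` (declared as `int value, prev = 0;` in the first hunk) cannot be confirmed from here.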