bitwise: xml: mask and xor use same number of data registers

The mask and xor must use the same number of data registers. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> 2013-06-26 13:37:00 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-06-27 19:11:07 +0200
commit: 34caf0add23aab075c2bbe1a99927c081014cadd (patch)
tree: 5121d4bf38f40b5d36084d759076103188033971 /src/expr/bitwise.c
parent: 0f5f45bee6e1f43688b91731406bada3e0bc9a54 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index fa2fc5a..c8c4f40 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -298,6 +298,14 @@ nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, char *xml)
 	bitwise->xor.len = data_regtmp.len;
 	e->flags |= (1 << NFT_EXPR_BITWISE_XOR);
 
+	/* Additional validation: mask and xor must use the same number of
+	 * data registers.
+	 */
+	if (bitwise->mask.len != bitwise->xor.len) {
+		mxmlDelete(tree);
+		return -1;
+	}
+
 	mxmlDelete(tree);
 	return 0;
 #else
author	Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>	2013-06-26 13:37:00 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-06-27 19:11:07 +0200
commit	34caf0add23aab075c2bbe1a99927c081014cadd (patch)
tree	5121d4bf38f40b5d36084d759076103188033971 /src/expr/bitwise.c
parent	0f5f45bee6e1f43688b91731406bada3e0bc9a54 (diff)