diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-01-01 16:02:10 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-01-01 16:02:10 +0100 |
commit | 91543fd0dedcdba499fdd09f606b4dd9cde969fa (patch) | |
tree | fd6cf953a28dbf90f679d28e31c6175b21470882 | |
parent | d689f64be6657ab7c9dc9cb13a6c23c936ccaefb (diff) |
nfacct: check for too many arguments
More robust behaviour, display error if you pass more arguments
than require.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/nfacct.c | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/src/nfacct.c b/src/nfacct.c index e282b82..9d1c123 100644 --- a/src/nfacct.c +++ b/src/nfacct.c @@ -150,6 +150,9 @@ static int nfacct_cmd_list(int argc, char *argv[]) if (strncmp(argv[2], "reset", strlen(argv[2])) == 0) { zeroctr = true; } + } else if (argc > 3) { + nfacct_perror("too many arguments"); + return -1; } seq = time(NULL); @@ -203,6 +206,9 @@ static int nfacct_cmd_add(int argc, char *argv[]) if (argc < 3) { nfacct_perror("missing object name"); return -1; + } else if (argc > 3) { + nfacct_perror("too many arguments"); + return -1; } nfacct = nfacct_alloc(); @@ -265,6 +271,9 @@ static int nfacct_cmd_delete(int argc, char *argv[]) if (argc < 3) { nfacct_perror("missing object name"); return -1; + } else if (argc > 3) { + nfacct_perror("too many arguments"); + return -1; } nfacct = nfacct_alloc(); @@ -329,12 +338,13 @@ static int nfacct_cmd_get(int argc, char *argv[]) if (argc < 3) { nfacct_perror("missing object name"); return -1; - } - - if (argc == 4) { + } else if (argc == 4) { if (strncmp(argv[3], "reset", strlen(argv[3])) == 0) { zeroctr = true; } + } else if (argc > 4) { + nfacct_perror("too many arguments"); + return -1; } nfacct = nfacct_alloc(); @@ -395,6 +405,11 @@ static int nfacct_cmd_flush(int argc, char *argv[]) uint32_t portid, seq; int ret; + if (argc > 2) { + nfacct_perror("too many arguments"); + return -1; + } + seq = time(NULL); nlh = nfacct_nlmsg_build_hdr(buf, NFNL_MSG_ACCT_DEL, NLM_F_ACK, seq); |