From 7f859d49b753b0b09696b213c3fe22f67103b315 Mon Sep 17 00:00:00 2001
From: laforge <laforge>
Date: Fri, 26 Jul 2002 16:27:57 +0000
Subject: check for invalid port ranges (Thomas Poehnitz)

---
 extensions/libip6t_tcp.c | 4 ++++
 extensions/libip6t_udp.c | 4 ++++
 extensions/libipt_tcp.c  | 4 ++++
 extensions/libipt_udp.c  | 4 ++++
 4 files changed, 16 insertions(+)

diff --git a/extensions/libip6t_tcp.c b/extensions/libip6t_tcp.c
index 8e54dc4..1bf1d19 100644
--- a/extensions/libip6t_tcp.c
+++ b/extensions/libip6t_tcp.c
@@ -77,6 +77,10 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports)
 
 		ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
 		ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+		
+		if (ports[0] > ports[1])
+			exit_error(PARAMETER_PROBLEM, 
+				   "invalid portrange (min > max)");
 	}
 	free(buffer);
 }
diff --git a/extensions/libip6t_udp.c b/extensions/libip6t_udp.c
index fb0505e..a2e2fe6 100644
--- a/extensions/libip6t_udp.c
+++ b/extensions/libip6t_udp.c
@@ -69,6 +69,10 @@ parse_udp_ports(const char *portstring, u_int16_t *ports)
 
 		ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
 		ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+		if (ports[0] > ports[1])
+			exit_error(PARAMETER_PROBLEM,
+				   "invalid portrange (min > max)");
 	}
 	free(buffer);
 }
diff --git a/extensions/libipt_tcp.c b/extensions/libipt_tcp.c
index acf6050..1ff8f12 100644
--- a/extensions/libipt_tcp.c
+++ b/extensions/libipt_tcp.c
@@ -77,6 +77,10 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports)
 
 		ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
 		ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+
+		if (ports[0] > ports[1])
+			exit_error(PARAMETER_PROBLEM,
+				   "invalid portrange (min > max)");
 	}
 	free(buffer);
 }
diff --git a/extensions/libipt_udp.c b/extensions/libipt_udp.c
index 622fb43..ccea210 100644
--- a/extensions/libipt_udp.c
+++ b/extensions/libipt_udp.c
@@ -69,6 +69,10 @@ parse_udp_ports(const char *portstring, u_int16_t *ports)
 
 		ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
 		ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+		if (ports[0] > ports[1])
+			exit_error(PARAMETER_PROBLEM,
+				   "invalid portrange (min > max)");
 	}
 	free(buffer);
 }
-- 
cgit v1.2.3