diff options
author | Phil Sutter <phil@nwl.cc> | 2024-04-09 13:18:12 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2024-04-10 01:08:45 +0200 |
commit | a2911408959d7e86bc4bad4f1be2551a19ad125c (patch) | |
tree | 27c680e0a60c55923e49df5eaa7214bce0dc304e | |
parent | 400fb98dde882da4c1d2c763de3f16a8ba1484b4 (diff) |
xshared: Fix parsing of empty string arg in '-c' option
Calling iptables with '-c ""' resulted in a call to strchr() with an
invalid pointer as 'optarg + 1' points to past the buffer. The most
simple fix is to drop the offset: The global optstring part specifies a
single colon after 'c', so getopt() enforces a valid pointer in optarg.
If it contains a comma at first position, packet counter value parsing
will fail so all cases are covered.
Reported-by: gorbanev.es@gmail.com
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1741
Fixes: 60a6073690a45 ("Make --set-counters (-c) accept comma separated counters")
Signed-off-by: Phil Sutter <phil@nwl.cc>
-rw-r--r-- | extensions/iptables.t | 5 | ||||
-rw-r--r-- | iptables/xshared.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/extensions/iptables.t b/extensions/iptables.t index b4b6d677..5d6d3d15 100644 --- a/extensions/iptables.t +++ b/extensions/iptables.t @@ -4,3 +4,8 @@ -i eth+ -o alongifacename+;=;OK ! -i eth0;=;OK ! -o eth+;=;OK +-c "";;FAIL +-c ,3;;FAIL +-c 3,;;FAIL +-c ,;;FAIL +-c 2,3 -j ACCEPT;-j ACCEPT;OK diff --git a/iptables/xshared.c b/iptables/xshared.c index b998dd75..b1997ea3 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -1885,7 +1885,7 @@ void do_parse(int argc, char *argv[], set_option(p->ops, &cs->options, OPT_COUNTERS, &args->invflags, invert); args->pcnt = optarg; - args->bcnt = strchr(args->pcnt + 1, ','); + args->bcnt = strchr(args->pcnt, ','); if (args->bcnt) args->bcnt++; if (!args->bcnt && xs_has_arg(argc, argv)) |