diff options
| author | huaibin Wang <huaibin.wang@6wind.com> | 2017-11-13 14:27:54 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-11-13 14:30:08 +0100 |
| commit | 71de414c21f7f31270e5d62e782e52257e5c3d06 (patch) | |
| tree | e5fc243b299675b0a89e9d5e1b578b74aaae133d /extensions/libxt_sctp.t | |
| parent | 1a32381aa637d6a4a60f793ed671e9c095ef77c2 (diff) | |
libxt_sctp: fix array out of range in print_chunk
For chunk type ASCONF, ASCONF_ACK and FORWARD_TSN, sctp_chunk_names[].chunk_type
is not equal to the corresponding index in sctp_chunk_names[]. Using this field
leads to a segmentation fault (index out of range).
Example
$ iptables -A INPUT -p sctp --chunk-type all ASCONF,ASCONF_ACK,FORWARD_TSN -j ACCEPT
$ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Segmentation fault
Signed-off-by: huaibin Wang <huaibin.wang@6wind.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libxt_sctp.t')
| -rw-r--r-- | extensions/libxt_sctp.t | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/extensions/libxt_sctp.t b/extensions/libxt_sctp.t index 2f75e2a6..4016e4fb 100644 --- a/extensions/libxt_sctp.t +++ b/extensions/libxt_sctp.t @@ -23,10 +23,7 @@ -p sctp -m sctp --chunk-types all COOKIE_ACK;=;OK -p sctp -m sctp --chunk-types all ECN_ECNE;=;OK -p sctp -m sctp --chunk-types all ECN_CWR;=;OK -# ERROR: iptables-save segfaults: iptables -A INPUT -p sctp -m sctp --chunk-types all ASCONF -# -p sctp -m sctp --chunk-types all ASCONF;=;OK -# ERROR: iptables-save segfaults: iptables -A INPUT -p sctp -m sctp --chunk-types all ASCONF_ACK -# -p sctp -m sctp --chunk-types all ASCONF_ACK;=;OK -# ERROR: iptables-save segfaults: iptables -A INPUT -p sctp -m sctp --chunk-types all FORWARD_TSN -# -p sctp -m sctp --chunk-types all FORWARD_TSN;=;OK +-p sctp -m sctp --chunk-types all ASCONF;=;OK +-p sctp -m sctp --chunk-types all ASCONF_ACK;=;OK +-p sctp -m sctp --chunk-types all FORWARD_TSN;=;OK -p sctp -m sctp --chunk-types all SHUTDOWN_COMPLETE;=;OK |