libxt_policy: cannot set spi/reqid numbers higher than 0x7fffffff

http://bugzilla.netfilter.org/show_bug.cgi?id=577

When using the -m policy match, the option argument for --spi is converted
using strtol(), which returns a signed 32 bit value, so the highest
positive value is 0x7fffffff. Instead strtoul() should be used.
The same applies for the --reqid option argument.

Signed-off-by: Patrick McHardy <kaber@trash.net>

2 files changed, 4 insertions, 4 deletions

diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 7c1a1e71..7ea72cd9 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -198,7 +198,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
 
 		e->match.reqid = 1;
 		e->invert.reqid = invert;
-		e->reqid = strtol(argv[optind-1], NULL, 10);
+		e->reqid = strtoul(argv[optind-1], NULL, 10);
 		break;
 	case '5':
 		if (e->match.spi)
@@ -207,7 +207,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
 
 		e->match.spi = 1;
 		e->invert.spi = invert;
-		e->spi = strtol(argv[optind-1], NULL, 0x10);
+		e->spi = strtoul(argv[optind-1], NULL, 0x10);
 		break;
 	case '6':
 		if (e->match.saddr)
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index 6ae51e7c..a538927f 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -166,7 +166,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
 
 		e->match.reqid = 1;
 		e->invert.reqid = invert;
-		e->reqid = strtol(argv[optind-1], NULL, 10);
+		e->reqid = strtoul(argv[optind-1], NULL, 10);
 		break;
 	case '5':
 		if (e->match.spi)
@@ -175,7 +175,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
 
 		e->match.spi = 1;
 		e->invert.spi = invert;
-		e->spi = strtol(argv[optind-1], NULL, 0x10);
+		e->spi = strtoul(argv[optind-1], NULL, 0x10);
 		break;
 	case '6':
 		if (e->match.saddr)