iptables: correctly check for too-long chain/target/match names

* iptables-restore was not checking for chain name length * iptables was not checking for match name length * target length was checked against 32, not 29. References: http://bugzilla.netfilter.org/show_bug.cgi?id=641 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
author: Jan Engelhardt <jengelh@medozas.de> 2010-03-16 16:49:21 +0100
committer: Jan Engelhardt <jengelh@medozas.de> 2010-03-16 17:54:26 +0100
commit: 21d1283750d9c4df7ca80165d2b9dc0b9bd214eb (patch)
tree: 6dd5e4f1cd7a0082ecc59e14fa411ebe73063668 /ip6tables.c
parent: 89b6c32f88be47e83c3f6e7f8fee812088cb8c22 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/ip6tables.c b/ip6tables.c
index e2359dfe..6ee42819 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -456,10 +456,10 @@ parse_target(const char *targetname)
 		xtables_error(PARAMETER_PROBLEM,
 			   "Invalid target name (too short)");
 
-	if (strlen(targetname)+1 > sizeof(ip6t_chainlabel))
+	if (strlen(targetname) > XT_FUNCTION_MAXNAMELEN - 1)
 		xtables_error(PARAMETER_PROBLEM,
 			   "Invalid target name `%s' (%u chars max)",
-			   targetname, (unsigned int)sizeof(ip6t_chainlabel)-1);
+			   targetname, XT_FUNCTION_MAXNAMELEN - 1);
 
 	for (ptr = targetname; *ptr; ptr++)
 		if (isspace(*ptr))
author	Jan Engelhardt <jengelh@medozas.de>	2010-03-16 16:49:21 +0100
committer	Jan Engelhardt <jengelh@medozas.de>	2010-03-16 17:54:26 +0100
commit	21d1283750d9c4df7ca80165d2b9dc0b9bd214eb (patch)
tree	6dd5e4f1cd7a0082ecc59e14fa411ebe73063668 /ip6tables.c
parent	89b6c32f88be47e83c3f6e7f8fee812088cb8c22 (diff)