path: root/iptables-restore.c
diff options
authorJan Engelhardt <>2008-08-04 12:51:01 +0200
committerPatrick McHardy <>2008-08-04 12:51:01 +0200
commitd0cbf5f34d3421064eb0fbbcdc6b90cda4e81f2d (patch)
tree1a271189fda828a4dbe4b89a8194d8d8c47444a9 /iptables-restore.c
parent415a8580cc2b053687c197e8e25d606e8420c672 (diff)
iptables-restore: fix segmentation fault with -tanything
Reference: Debian bug #458042 iptables-restore must not pass a table into do_command. It checks for "-t arg" and "--table arg", but not "-targ". (On a related note, using -targ does not work as expected). This should fail gracefully, but crashes: iptables-restore <(echo -e '*filter\n-A INPUT -tx\nCOMMIT') And this should use table "filter", or perhaps raise an error, but instead sets the table to (literally) "-tfilter": iptables -tfilter -A INPUT Signed-off-by: Jan Engelhardt <> Signed-off-by: Patrick McHardy <>
Diffstat (limited to 'iptables-restore.c')
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables-restore.c b/iptables-restore.c
index 4b199d94..dcbed149 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -412,7 +412,7 @@ main(int argc, char *argv[])
param_buffer[param_len] = '\0';
/* check if table name specified */
- if (!strncmp(param_buffer, "-t", 3)
+ if (!strncmp(param_buffer, "-t", 2)
|| !strncmp(param_buffer, "--table", 8)) {
"Line %u seems to have a "