diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2008-08-04 12:51:01 +0200 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2008-08-04 12:51:01 +0200 |
commit | d0cbf5f34d3421064eb0fbbcdc6b90cda4e81f2d (patch) | |
tree | 1a271189fda828a4dbe4b89a8194d8d8c47444a9 /iptables-restore.c | |
parent | 415a8580cc2b053687c197e8e25d606e8420c672 (diff) |
iptables-restore: fix segmentation fault with -tanything
Reference: Debian bug #458042
iptables-restore must not pass a table into do_command. It checks for
"-t arg" and "--table arg", but not "-targ". (On a related note,
using -targ does not work as expected).
This should fail gracefully, but crashes:
iptables-restore <(echo -e '*filter\n-A INPUT -tx\nCOMMIT')
And this should use table "filter", or perhaps raise an error, but
instead sets the table to (literally) "-tfilter":
iptables -tfilter -A INPUT
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'iptables-restore.c')
-rw-r--r-- | iptables-restore.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables-restore.c b/iptables-restore.c index 4b199d94..dcbed149 100644 --- a/iptables-restore.c +++ b/iptables-restore.c @@ -412,7 +412,7 @@ main(int argc, char *argv[]) param_buffer[param_len] = '\0'; /* check if table name specified */ - if (!strncmp(param_buffer, "-t", 3) + if (!strncmp(param_buffer, "-t", 2) || !strncmp(param_buffer, "--table", 8)) { exit_error(PARAMETER_PROBLEM, "Line %u seems to have a " |