diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2010-09-13 15:45:15 +0200 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2010-09-13 15:50:44 +0200 |
commit | 5429b41c2bb4ac8fe672a1513a041c0ed0c241f6 (patch) | |
tree | 54f6b68059b6ca468660da6b424c59eeb9332b52 /iptables.c | |
parent | 0195836374cd195b13e0653ec9355a8ecd174313 (diff) |
iptables: limit chain name length to be consistent with targets
Creationg of chain names longer than the ones being able to jump to
should be inhibited for consistency.
References: http://marc.info/?l=netfilter-devel&m=128397022618316&w=2
Cc: Stig Thormodsrud <stig@vyatta.com>
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'iptables.c')
-rw-r--r-- | iptables.c | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -1876,10 +1876,10 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle generic_opt_check(command, options); - if (chain && strlen(chain) > IPT_FUNCTION_MAXNAMELEN) + if (chain != NULL && strlen(chain) >= XT_EXTENSION_MAXNAMELEN) xtables_error(PARAMETER_PROBLEM, - "chain name `%s' too long (must be under %i chars)", - chain, IPT_FUNCTION_MAXNAMELEN); + "chain name `%s' too long (must be under %u chars)", + chain, XT_EXTENSION_MAXNAMELEN); /* only allocate handle if we weren't called with a handle */ if (!*handle) |