summaryrefslogtreecommitdiffstats
path: root/iptables.c
diff options
context:
space:
mode:
authorRusty Russell <rusty@linuxcare.com.au>2000-07-03 10:17:57 +0000
committerRusty Russell <rusty@rustcorp.com.au>2000-07-03 10:17:57 +0000
commit73f72f541ac4dab538d4d418b9bbf1707b31342b (patch)
tree4709c168a349e6bd1a4f01e522dba0d342618b0b /iptables.c
parent4b3c03de8ea5419e5d92b1af8363da9a8201d68f (diff)
Aligning matchsize and targetsize now responsibility of extension writers
(PPC fix).
Diffstat (limited to 'iptables.c')
-rw-r--r--iptables.c39
1 files changed, 26 insertions, 13 deletions
diff --git a/iptables.c b/iptables.c
index a3ce827c..6d62cabc 100644
--- a/iptables.c
+++ b/iptables.c
@@ -928,6 +928,12 @@ register_match(struct iptables_match *me)
exit(1);
}
+ if (me->size != IPT_ALIGN(me->size)) {
+ fprintf(stderr, "%s: match `%s' has invalid size %u.\n",
+ program_name, me->name, me->size);
+ exit(1);
+ }
+
/* Prepend to list. */
me->next = iptables_matches;
iptables_matches = me;
@@ -952,6 +958,12 @@ register_target(struct iptables_target *me)
exit(1);
}
+ if (me->size != IPT_ALIGN(me->size)) {
+ fprintf(stderr, "%s: target `%s' has invalid size %u.\n",
+ program_name, me->name, me->size);
+ exit(1);
+ }
+
/* Prepend to list. */
me->next = iptables_targets;
iptables_targets = me;
@@ -1266,10 +1278,10 @@ make_delete_mask(struct ipt_entry *fw)
size = sizeof(struct ipt_entry);
for (m = iptables_matches; m; m = m->next)
- size += sizeof(struct ipt_entry_match) + m->size;
+ size += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
mask = fw_calloc(1, size
- + sizeof(struct ipt_entry_target)
+ + IPT_ALIGN(sizeof(struct ipt_entry_target))
+ iptables_targets->size);
memset(mask, 0xFF, sizeof(struct ipt_entry));
@@ -1277,13 +1289,14 @@ make_delete_mask(struct ipt_entry *fw)
for (m = iptables_matches; m; m = m->next) {
memset(mptr, 0xFF,
- sizeof(struct ipt_entry_match) + m->userspacesize);
- mptr += sizeof(struct ipt_entry_match) + m->size;
+ IPT_ALIGN(sizeof(struct ipt_entry_match))
+ + m->userspacesize);
+ mptr += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
}
- memset(mptr, 0xFF, sizeof(struct ipt_entry_target));
- mptr += sizeof(struct ipt_entry_target);
- memset(mptr, 0xFF, iptables_targets->userspacesize);
+ memset(mptr, 0xFF,
+ IPT_ALIGN(sizeof(struct ipt_entry_target))
+ + iptables_targets->userspacesize);
return mask;
}
@@ -1703,8 +1716,8 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
if (target) {
size_t size;
- size = IPT_ALIGN(sizeof(struct ipt_entry_target)
- + target->size);
+ size = IPT_ALIGN(sizeof(struct ipt_entry_target))
+ + target->size;
target->t = fw_calloc(1, size);
target->t->u.target_size = size;
@@ -1758,8 +1771,8 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
"unexpected ! flag before --match");
m = find_match(optarg, LOAD_MUST_SUCCEED);
- size = IPT_ALIGN(sizeof(struct ipt_entry_match)
- + m->size);
+ size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+ + m->size;
m->m = fw_calloc(1, size);
m->m->u.match_size = size;
strcpy(m->m->u.user.name, m->name);
@@ -1839,8 +1852,8 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
/* Try loading protocol */
size_t size;
- size = IPT_ALIGN(sizeof(struct ipt_entry_match)
- + m->size);
+ size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+ + m->size;
m->m = fw_calloc(1, size);
m->m->u.match_size = size;