From 9d41421a887f4bc4b3ba10174cf43ee2c6b76956 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 25 Jan 2024 18:14:23 +0100
Subject: libxtables: Reject negative port ranges

Analogous to XTTYPE_UINT*RC value parsing, assert consecutive port
values are not lower than previous ones.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 extensions/libxt_udp.t | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'extensions/libxt_udp.t')

diff --git a/extensions/libxt_udp.t b/extensions/libxt_udp.t
index d62dd5e3..09dff363 100644
--- a/extensions/libxt_udp.t
+++ b/extensions/libxt_udp.t
@@ -11,13 +11,13 @@
 -p udp -m udp --sport :4;-p udp -m udp --sport 0:4;OK
 -p udp -m udp --sport 4:;-p udp -m udp --sport 4:65535;OK
 -p udp -m udp --sport 4:4;-p udp -m udp --sport 4;OK
--p udp -m udp --sport 4:3;=;OK
+-p udp -m udp --sport 4:3;;FAIL
 -p udp -m udp --dport :;-p udp -m udp;OK
 -p udp -m udp ! --dport :;-p udp -m udp;OK;LEGACY;-p udp
 -p udp -m udp --dport :4;-p udp -m udp --dport 0:4;OK
 -p udp -m udp --dport 4:;-p udp -m udp --dport 4:65535;OK
 -p udp -m udp --dport 4:4;-p udp -m udp --dport 4;OK
--p udp -m udp --dport 4:3;=;OK
+-p udp -m udp --dport 4:3;;FAIL
 -p udp -m udp ! --sport 1;=;OK
 -p udp -m udp ! --sport 65535;=;OK
 -p udp -m udp ! --dport 1;=;OK
-- 
cgit v1.2.3