From aeb8af909befedbfc85e9f184471b219e4ea191a Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Sat, 9 Apr 2011 21:29:08 +0200
Subject: Fix set match/target direction parser

The direction parser did not catch when more src/dst direction
parameters were supplied than allowed.
---
 extensions/libxt_set.h | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'extensions')

diff --git a/extensions/libxt_set.h b/extensions/libxt_set.h
index 6b936911..4ac84fa9 100644
--- a/extensions/libxt_set.h
+++ b/extensions/libxt_set.h
@@ -114,7 +114,7 @@ parse_dirs_v0(const char *opt_arg, struct xt_set_info_v0 *info)
 	if (tmp)
 		xtables_error(PARAMETER_PROBLEM,
 			      "Can't be more src/dst options than %i.", 
-			      IPSET_DIM_MAX - 1);
+			      IPSET_DIM_MAX);
 
 	free(saved);
 }
@@ -124,9 +124,8 @@ parse_dirs(const char *opt_arg, struct xt_set_info *info)
 {
 	char *saved = strdup(opt_arg);
 	char *ptr, *tmp = saved;
-	int i = 0;
 	
-	while (i < (IPSET_DIM_MAX - 1) && tmp != NULL) {
+	while (info->dim < IPSET_DIM_MAX && tmp != NULL) {
 		info->dim++;
 		ptr = strsep(&tmp, ",");
 		if (strncmp(ptr, "src", 3) == 0)
@@ -139,7 +138,7 @@ parse_dirs(const char *opt_arg, struct xt_set_info *info)
 	if (tmp)
 		xtables_error(PARAMETER_PROBLEM,
 			      "Can't be more src/dst options than %i.", 
-			      IPSET_DIM_MAX - 1);
+			      IPSET_DIM_MAX);
 
 	free(saved);
 }
-- 
cgit v1.2.3