From 0cb675b8f18c4b074d4c69461638820708e98100 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@medozas.de>
Date: Mon, 7 Jun 2010 11:50:25 +0200
Subject: xtables: another try at chain name length checking

Since XT_EXTENSION_MAXNAMELEN is now available, make use of it
and clear the confusion.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
 ip6tables.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'ip6tables.c')

diff --git a/ip6tables.c b/ip6tables.c
index 4e73d34e..2fff21bf 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -456,10 +456,10 @@ parse_target(const char *targetname)
 		xtables_error(PARAMETER_PROBLEM,
 			   "Invalid target name (too short)");
 
-	if (strlen(targetname) > XT_FUNCTION_MAXNAMELEN - 1)
+	if (strlen(targetname) >= XT_EXTENSION_MAXNAMELEN)
 		xtables_error(PARAMETER_PROBLEM,
 			   "Invalid target name `%s' (%u chars max)",
-			   targetname, XT_FUNCTION_MAXNAMELEN - 1);
+			   targetname, XT_EXTENSION_MAXNAMELEN - 1);
 
 	for (ptr = targetname; *ptr; ptr++)
 		if (isspace(*ptr))
-- 
cgit v1.2.3


From 11c2dd54b69e06ae3f35dea130ecba3df3859243 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@medozas.de>
Date: Mon, 7 Jun 2010 12:00:24 +0200
Subject: xtables: remove xtables_set_revision function

Since iptables uses its own copies of the header files anyway where the
revision field is exposed, there is no reach to access name[] beyond its
size.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
 ip6tables.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'ip6tables.c')

diff --git a/ip6tables.c b/ip6tables.c
index 2fff21bf..6c5d124c 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1558,8 +1558,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 				target->t = xtables_calloc(1, size);
 				target->t->u.target_size = size;
 				strcpy(target->t->u.user.name, jumpto);
-				xtables_set_revision(target->t->u.user.name,
-					     target->revision);
+				target->t->u.user.revision = target->revision;
 				if (target->init != NULL)
 					target->init(target->t);
 				opts = xtables_merge_options(opts,
@@ -1611,7 +1610,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 			m->m = xtables_calloc(1, size);
 			m->m->u.match_size = size;
 			strcpy(m->m->u.user.name, m->name);
-			xtables_set_revision(m->m->u.user.name, m->revision);
+			m->m->u.user.revision = m->revision;
 			if (m->init != NULL)
 				m->init(m->m);
 			if (m != m->next)
@@ -1759,8 +1758,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 					m->m = xtables_calloc(1, size);
 					m->m->u.match_size = size;
 					strcpy(m->m->u.user.name, m->name);
-					xtables_set_revision(m->m->u.user.name,
-						     m->revision);
+					m->m->u.user.revision = m->revision;
 					if (m->init != NULL)
 						m->init(m->m);
 
-- 
cgit v1.2.3