From 45989e8fbec52fcbafa5ae9917fc2a0d62e3640d Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 22 Oct 2019 22:49:29 +0200 Subject: xshared: Share a common add_command() implementation The shared definition of cmdflags is a super set of the previous one in xtables-arp.c so while not being identical, they're compatible. Avoid accidental array overstep in cmd2char() by incrementing an index variable and checking its final value before using it as such. Signed-off-by: Phil Sutter Acked-by: Pablo Neira Ayuso --- iptables/xshared.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'iptables/xshared.c') diff --git a/iptables/xshared.c b/iptables/xshared.c index 97f1b5d2..3baa805c 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -732,3 +732,30 @@ void command_jump(struct iptables_command_state *cs, const char *jumpto) xtables_error(OTHER_PROBLEM, "can't alloc memory!"); xt_params->opts = opts; } + +char cmd2char(int option) +{ + /* cmdflags index corresponds with position of bit in CMD_* values */ + static const char cmdflags[] = { 'I', 'D', 'D', 'R', 'A', 'L', 'F', 'Z', + 'N', 'X', 'P', 'E', 'S', 'Z', 'C' }; + int i; + + for (i = 0; option > 1; option >>= 1, i++) + ; + if (i >= ARRAY_SIZE(cmdflags)) + xtables_error(OTHER_PROBLEM, + "cmd2char(): Invalid command number %u.\n", + 1 << i); + return cmdflags[i]; +} + +void add_command(unsigned int *cmd, const int newcmd, + const int othercmds, int invert) +{ + if (invert) + xtables_error(PARAMETER_PROBLEM, "unexpected '!' flag"); + if (*cmd & (~othercmds)) + xtables_error(PARAMETER_PROBLEM, "Cannot use -%c with -%c\n", + cmd2char(newcmd), cmd2char(*cmd & (~othercmds))); + *cmd |= newcmd; +} -- cgit v1.2.3