From 932d5c3fb94acc499c8a6264e354ab1e33316b72 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 5 Feb 2019 17:01:42 +0100 Subject: xshared: Explicitly pass target to command_jump() The use of global 'optarg' variable inside that function is a mess, but most importantly it limits its applicability to input parsers. Fix this by having it take the option argument as a parameter. Signed-off-by: Phil Sutter Signed-off-by: Florian Westphal --- iptables/ip6tables.c | 2 +- iptables/iptables.c | 2 +- iptables/xshared.c | 4 ++-- iptables/xshared.h | 2 +- iptables/xtables-arp.c | 2 +- iptables/xtables-eb-translate.c | 2 +- iptables/xtables-eb.c | 2 +- iptables/xtables.c | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) (limited to 'iptables') diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c index fe089de4..050afa9a 100644 --- a/iptables/ip6tables.c +++ b/iptables/ip6tables.c @@ -1441,7 +1441,7 @@ int do_command6(int argc, char *argv[], char **table, case 'j': set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags, cs.invert); - command_jump(&cs); + command_jump(&cs, optarg); break; diff --git a/iptables/iptables.c b/iptables/iptables.c index f8041f56..38c4bfe8 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -1421,7 +1421,7 @@ int do_command4(int argc, char *argv[], char **table, case 'j': set_option(&cs.options, OPT_JUMP, &cs.fw.ip.invflags, cs.invert); - command_jump(&cs); + command_jump(&cs, optarg); break; diff --git a/iptables/xshared.c b/iptables/xshared.c index b16f5fa6..fb186fb1 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -653,12 +653,12 @@ const char *xt_parse_target(const char *targetname) return targetname; } -void command_jump(struct iptables_command_state *cs) +void command_jump(struct iptables_command_state *cs, const char *jumpto) { struct option *opts = xt_params->opts; size_t size; - cs->jumpto = xt_parse_target(optarg); + cs->jumpto = xt_parse_target(jumpto); /* TRY_LOAD (may be chain name) */ cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD); diff --git a/iptables/xshared.h b/iptables/xshared.h index db499f29..fd1f96ba 100644 --- a/iptables/xshared.h +++ b/iptables/xshared.h @@ -176,6 +176,6 @@ void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags, void command_match(struct iptables_command_state *cs); const char *xt_parse_target(const char *targetname); -void command_jump(struct iptables_command_state *cs); +void command_jump(struct iptables_command_state *cs, const char *jumpto); #endif /* IPTABLES_XSHARED_H */ diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c index 4b663775..d3cb9df8 100644 --- a/iptables/xtables-arp.c +++ b/iptables/xtables-arp.c @@ -1161,7 +1161,7 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table, case 'j': set_option(&options, OPT_JUMP, &cs.arp.arp.invflags, invert); - command_jump(&cs); + command_jump(&cs, optarg); break; case 'i': diff --git a/iptables/xtables-eb-translate.c b/iptables/xtables-eb-translate.c index 0fe14d2d..96b2730f 100644 --- a/iptables/xtables-eb-translate.c +++ b/iptables/xtables-eb-translate.c @@ -390,7 +390,7 @@ print_zero: break; } else if (c == 'j') { ebt_check_option2(&flags, OPT_JUMP); - command_jump(&cs); + command_jump(&cs, optarg); break; } else if (c == 's') { ebt_check_option2(&flags, OPT_SOURCE); diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c index 75d43963..4d2e6f68 100644 --- a/iptables/xtables-eb.c +++ b/iptables/xtables-eb.c @@ -1011,7 +1011,7 @@ print_zero: } else if (c == 'j') { ebt_check_option2(&flags, OPT_JUMP); if (strcmp(optarg, "CONTINUE") != 0) { - command_jump(&cs); + command_jump(&cs, optarg); } break; } else if (c == 's') { diff --git a/iptables/xtables.c b/iptables/xtables.c index eaa9fede..1d777554 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -820,7 +820,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], case 'j': set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags, cs->invert); - command_jump(cs); + command_jump(cs, optarg); break; -- cgit v1.2.3