[iptables] string: fix wrong pattern length calculation
Pablo Neira
netfilter-cvslog-bounces at lists.netfilter.org
Mon Mar 2 11:58:47 CET 2009
Gitweb: http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=409f2a8e3b2706c8c6c5e345a4bc77fca8ad7105
commit 409f2a8e3b2706c8c6c5e345a4bc77fca8ad7105
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Mon Mar 2 11:46:55 2009 +0100
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Mon Mar 2 11:46:55 2009 +0100
string: fix wrong pattern length calculation
This fixes a problem introduced in 37b4bde745698bf140d74e59a2561f34deeb8726
that leads to the wrong calculation of the pattern length in the
string match.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
via 409f2a8e3b2706c8c6c5e345a4bc77fca8ad7105 (commit)
from 71886fbb48ef50e212c43f5d7dffbab86f9ae31c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 409f2a8e3b2706c8c6c5e345a4bc77fca8ad7105
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Mon Mar 2 11:46:55 2009 +0100
string: fix wrong pattern length calculation
This fixes a problem introduced in 37b4bde745698bf140d74e59a2561f34deeb8726
that leads to the wrong calculation of the pattern length in the
string match.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
-----------------------------------------------------------------------
extensions/libxt_string.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
This fixes a problem introduced in 37b4bde745698bf140d74e59a2561f34deeb8726
that leads to the wrong calculation of the pattern length in the
string match.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index 5ea529e..ba4b720 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -64,9 +64,10 @@ static void string_init(struct xt_entry_match *m)
static void
parse_string(const char *s, struct xt_string_info *info)
{
+ /* xt_string does not need \0 at the end of the pattern */
if (strlen(s) <= XT_STRING_MAX_PATTERN_SIZE) {
strncpy(info->pattern, s, XT_STRING_MAX_PATTERN_SIZE);
- info->patlen = strlen(s);
+ info->patlen = strnlen(s, XT_STRING_MAX_PATTERN_SIZE);
return;
}
xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s);
@@ -75,7 +76,8 @@ parse_string(const char *s, struct xt_string_info *info)
static void
parse_algo(const char *s, struct xt_string_info *info)
{
- if (strlen(s) <= XT_STRING_MAX_ALGO_NAME_SIZE) {
+ /* xt_string needs \0 for algo name */
+ if (strlen(s) < XT_STRING_MAX_ALGO_NAME_SIZE) {
strncpy(info->algo, s, XT_STRING_MAX_ALGO_NAME_SIZE);
return;
}
@@ -208,8 +210,6 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
else
stringinfo->u.v1.flags |= XT_STRING_FLAG_INVERT;
}
- stringinfo->patlen = strnlen((char *)&stringinfo->pattern,
- sizeof(stringinfo->patlen));
*flags |= STRING;
break;
More information about the netfilter-cvslog
mailing list