[iptables] conntrack: fix --expires parsing

Patrick McHardy netfilter-cvslog-bounces at lists.netfilter.org
Fri Nov 20 15:00:50 CET 2009


Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=f294f843473718f8d32745600b9a97c0b799e7c5
commit f294f843473718f8d32745600b9a97c0b799e7c5
Author:     Patrick McHardy <kaber at trash.net>
AuthorDate: Fri Nov 20 14:58:11 2009 +0100
Commit:     Patrick McHardy <kaber at trash.net>
CommitDate: Fri Nov 20 14:58:11 2009 +0100

    conntrack: fix --expires parsing
    
    Using ranges in --ctexpire results in a parsing error:
    
    conntrack: Bad value for "--expires" option: "1:1000"
    
    The first value is parsed twice, after which the end pointer doesn't
    point to the expected '\0' but to the colon.
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>
       via  f294f843473718f8d32745600b9a97c0b799e7c5 (commit)
      from  588b615bc78ddef3752f356d1e243129c4dbba96 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f294f843473718f8d32745600b9a97c0b799e7c5
Author: Patrick McHardy <kaber at trash.net>
Date:   Fri Nov 20 14:58:11 2009 +0100

    conntrack: fix --expires parsing
    
    Using ranges in --ctexpire results in a parsing error:
    
    conntrack: Bad value for "--expires" option: "1:1000"
    
    The first value is parsed twice, after which the end pointer doesn't
    point to the expected '\0' but to the colon.
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>

-----------------------------------------------------------------------

 extensions/libxt_conntrack.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
Using ranges in --ctexpire results in a parsing error:

conntrack: Bad value for "--expires" option: "1:1000"

The first value is parsed twice, after which the end pointer doesn't
point to the expected '\0' but to the colon.

Signed-off-by: Patrick McHardy <kaber at trash.net>

diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index d30871f..5ca734d 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -273,7 +273,7 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo2 *info, const char *s)
 		xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
 	max = min;
 	if (*end == ':')
-		if (!xtables_strtoui(s, &end, &max, 0, UINT32_MAX))
+		if (!xtables_strtoui(end + 1, &end, &max, 0, UINT32_MAX))
 			xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
 	if (*end != '\0')
 		xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);



More information about the netfilter-cvslog mailing list