laurenceman / rpms / iptables

Forked from rpms/iptables 5 years ago
Clone

Blame SOURCES/0050-xshared-Explicitly-pass-target-to-command_jump.patch

029dc7
From 715e2fa36e08f0ee800347d8abea039e5347b1dc Mon Sep 17 00:00:00 2001
029dc7
From: Phil Sutter <phil@nwl.cc>
029dc7
Date: Tue, 5 Feb 2019 17:01:42 +0100
029dc7
Subject: [PATCH] xshared: Explicitly pass target to command_jump()
029dc7
029dc7
The use of global 'optarg' variable inside that function is a mess, but
029dc7
most importantly it limits its applicability to input parsers. Fix this
029dc7
by having it take the option argument as a parameter.
029dc7
029dc7
Signed-off-by: Phil Sutter <phil@nwl.cc>
029dc7
Signed-off-by: Florian Westphal <fw@strlen.de>
029dc7
(cherry picked from commit 932d5c3fb94acc499c8a6264e354ab1e33316b72)
029dc7
Signed-off-by: Phil Sutter <psutter@redhat.com>
029dc7
---
029dc7
 iptables/ip6tables.c            | 2 +-
029dc7
 iptables/iptables.c             | 2 +-
029dc7
 iptables/xshared.c              | 4 ++--
029dc7
 iptables/xshared.h              | 2 +-
029dc7
 iptables/xtables-arp.c          | 2 +-
029dc7
 iptables/xtables-eb-translate.c | 2 +-
029dc7
 iptables/xtables-eb.c           | 2 +-
029dc7
 iptables/xtables.c              | 2 +-
029dc7
 8 files changed, 9 insertions(+), 9 deletions(-)
029dc7
029dc7
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
029dc7
index fe089de4c85d7..050afa9a36458 100644
029dc7
--- a/iptables/ip6tables.c
029dc7
+++ b/iptables/ip6tables.c
029dc7
@@ -1441,7 +1441,7 @@ int do_command6(int argc, char *argv[], char **table,
029dc7
 		case 'j':
029dc7
 			set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
029dc7
 					cs.invert);
029dc7
-			command_jump(&cs);
029dc7
+			command_jump(&cs, optarg);
029dc7
 			break;
029dc7
 
029dc7
 
029dc7
diff --git a/iptables/iptables.c b/iptables/iptables.c
029dc7
index f8041f56ce70d..38c4bfe8ecf5c 100644
029dc7
--- a/iptables/iptables.c
029dc7
+++ b/iptables/iptables.c
029dc7
@@ -1421,7 +1421,7 @@ int do_command4(int argc, char *argv[], char **table,
029dc7
 		case 'j':
029dc7
 			set_option(&cs.options, OPT_JUMP, &cs.fw.ip.invflags,
029dc7
 				   cs.invert);
029dc7
-			command_jump(&cs);
029dc7
+			command_jump(&cs, optarg);
029dc7
 			break;
029dc7
 
029dc7
 
029dc7
diff --git a/iptables/xshared.c b/iptables/xshared.c
029dc7
index b16f5fa68e569..fb186fb1ac657 100644
029dc7
--- a/iptables/xshared.c
029dc7
+++ b/iptables/xshared.c
029dc7
@@ -653,12 +653,12 @@ const char *xt_parse_target(const char *targetname)
029dc7
 	return targetname;
029dc7
 }
029dc7
 
029dc7
-void command_jump(struct iptables_command_state *cs)
029dc7
+void command_jump(struct iptables_command_state *cs, const char *jumpto)
029dc7
 {
029dc7
 	struct option *opts = xt_params->opts;
029dc7
 	size_t size;
029dc7
 
029dc7
-	cs->jumpto = xt_parse_target(optarg);
029dc7
+	cs->jumpto = xt_parse_target(jumpto);
029dc7
 	/* TRY_LOAD (may be chain name) */
029dc7
 	cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
029dc7
 
029dc7
diff --git a/iptables/xshared.h b/iptables/xshared.h
029dc7
index db499f29236ed..fd1f96bad1b98 100644
029dc7
--- a/iptables/xshared.h
029dc7
+++ b/iptables/xshared.h
029dc7
@@ -176,6 +176,6 @@ void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags,
029dc7
 
029dc7
 void command_match(struct iptables_command_state *cs);
029dc7
 const char *xt_parse_target(const char *targetname);
029dc7
-void command_jump(struct iptables_command_state *cs);
029dc7
+void command_jump(struct iptables_command_state *cs, const char *jumpto);
029dc7
 
029dc7
 #endif /* IPTABLES_XSHARED_H */
029dc7
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
029dc7
index 85bcc841b21f5..4a873b15c6833 100644
029dc7
--- a/iptables/xtables-arp.c
029dc7
+++ b/iptables/xtables-arp.c
029dc7
@@ -1161,7 +1161,7 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table,
029dc7
 		case 'j':
029dc7
 			set_option(&options, OPT_JUMP, &cs.arp.arp.invflags,
029dc7
 				   invert);
029dc7
-			command_jump(&cs);
029dc7
+			command_jump(&cs, optarg);
029dc7
 			break;
029dc7
 
029dc7
 		case 'i':
029dc7
diff --git a/iptables/xtables-eb-translate.c b/iptables/xtables-eb-translate.c
029dc7
index 0fe14d2d0db32..96b2730fa97ed 100644
029dc7
--- a/iptables/xtables-eb-translate.c
029dc7
+++ b/iptables/xtables-eb-translate.c
029dc7
@@ -390,7 +390,7 @@ print_zero:
029dc7
 				break;
029dc7
 			} else if (c == 'j') {
029dc7
 				ebt_check_option2(&flags, OPT_JUMP);
029dc7
-				command_jump(&cs);
029dc7
+				command_jump(&cs, optarg);
029dc7
 				break;
029dc7
 			} else if (c == 's') {
029dc7
 				ebt_check_option2(&flags, OPT_SOURCE);
029dc7
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
029dc7
index 55cb0fe204748..21344843a365a 100644
029dc7
--- a/iptables/xtables-eb.c
029dc7
+++ b/iptables/xtables-eb.c
029dc7
@@ -1022,7 +1022,7 @@ print_zero:
029dc7
 			} else if (c == 'j') {
029dc7
 				ebt_check_option2(&flags, OPT_JUMP);
029dc7
 				if (strcmp(optarg, "CONTINUE") != 0) {
029dc7
-					command_jump(&cs);
029dc7
+					command_jump(&cs, optarg);
029dc7
 				}
029dc7
 				break;
029dc7
 			} else if (c == 's') {
029dc7
diff --git a/iptables/xtables.c b/iptables/xtables.c
029dc7
index eaa9fedeb03bb..1d777554076d7 100644
029dc7
--- a/iptables/xtables.c
029dc7
+++ b/iptables/xtables.c
029dc7
@@ -820,7 +820,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[],
029dc7
 		case 'j':
029dc7
 			set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags,
029dc7
 				   cs->invert);
029dc7
-			command_jump(cs);
029dc7
+			command_jump(cs, optarg);
029dc7
 			break;
029dc7
 
029dc7
 
029dc7
-- 
029dc7
2.21.0
029dc7