From 1d8efdc3ce231f08b57ee5eb5d784ccb5867c69b Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Tue, 5 Feb 2019 17:01:42 +0100
Subject: [PATCH] xshared: Explicitly pass target to command_jump()
The use of global 'optarg' variable inside that function is a mess, but
most importantly it limits its applicability to input parsers. Fix this
by having it take the option argument as a parameter.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
(cherry picked from commit 932d5c3fb94acc499c8a6264e354ab1e33316b72)
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
iptables/ip6tables.c | 2 +-
iptables/iptables.c | 2 +-
iptables/xshared.c | 4 ++--
iptables/xshared.h | 2 +-
iptables/xtables-arp.c | 2 +-
iptables/xtables-eb-translate.c | 2 +-
iptables/xtables-eb.c | 2 +-
iptables/xtables.c | 2 +-
8 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index fe089de4c85d7..050afa9a36458 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -1441,7 +1441,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'j':
set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
cs.invert);
- command_jump(&cs);
+ command_jump(&cs, optarg);
break;
diff --git a/iptables/iptables.c b/iptables/iptables.c
index f8041f56ce70d..38c4bfe8ecf5c 100644
--- a/iptables/iptables.c
+++ b/iptables/iptables.c
@@ -1421,7 +1421,7 @@ int do_command4(int argc, char *argv[], char **table,
case 'j':
set_option(&cs.options, OPT_JUMP, &cs.fw.ip.invflags,
cs.invert);
- command_jump(&cs);
+ command_jump(&cs, optarg);
break;
diff --git a/iptables/xshared.c b/iptables/xshared.c
index b16f5fa68e569..fb186fb1ac657 100644
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -653,12 +653,12 @@ const char *xt_parse_target(const char *targetname)
return targetname;
}
-void command_jump(struct iptables_command_state *cs)
+void command_jump(struct iptables_command_state *cs, const char *jumpto)
{
struct option *opts = xt_params->opts;
size_t size;
- cs->jumpto = xt_parse_target(optarg);
+ cs->jumpto = xt_parse_target(jumpto);
/* TRY_LOAD (may be chain name) */
cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
diff --git a/iptables/xshared.h b/iptables/xshared.h
index db499f29236ed..fd1f96bad1b98 100644
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -176,6 +176,6 @@ void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags,
void command_match(struct iptables_command_state *cs);
const char *xt_parse_target(const char *targetname);
-void command_jump(struct iptables_command_state *cs);
+void command_jump(struct iptables_command_state *cs, const char *jumpto);
#endif /* IPTABLES_XSHARED_H */
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index 85bcc841b21f5..4a873b15c6833 100644
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -1161,7 +1161,7 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table,
case 'j':
set_option(&options, OPT_JUMP, &cs.arp.arp.invflags,
invert);
- command_jump(&cs);
+ command_jump(&cs, optarg);
break;
case 'i':
diff --git a/iptables/xtables-eb-translate.c b/iptables/xtables-eb-translate.c
index 0fe14d2d0db32..96b2730fa97ed 100644
--- a/iptables/xtables-eb-translate.c
+++ b/iptables/xtables-eb-translate.c
@@ -390,7 +390,7 @@ print_zero:
break;
} else if (c == 'j') {
ebt_check_option2(&flags, OPT_JUMP);
- command_jump(&cs);
+ command_jump(&cs, optarg);
break;
} else if (c == 's') {
ebt_check_option2(&flags, OPT_SOURCE);
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index 55cb0fe204748..21344843a365a 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -1022,7 +1022,7 @@ print_zero:
} else if (c == 'j') {
ebt_check_option2(&flags, OPT_JUMP);
if (strcmp(optarg, "CONTINUE") != 0) {
- command_jump(&cs);
+ command_jump(&cs, optarg);
}
break;
} else if (c == 's') {
diff --git a/iptables/xtables.c b/iptables/xtables.c
index eaa9fedeb03bb..1d777554076d7 100644
--- a/iptables/xtables.c
+++ b/iptables/xtables.c
@@ -820,7 +820,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[],
case 'j':
set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags,
cs->invert);
- command_jump(cs);
+ command_jump(cs, optarg);
break;
--
2.20.1