|
|
cd1737 |
From 074062808c630f2efb55c7093d510b44a38e74e5 Mon Sep 17 00:00:00 2001
|
|
|
cd1737 |
From: Phil Sutter <psutter@redhat.com>
|
|
|
cd1737 |
Date: Thu, 14 Sep 2017 15:27:47 +0200
|
|
|
cd1737 |
Subject: [PATCH] tc: m_xt: Prevent a segfault in libipt
|
|
|
cd1737 |
|
|
|
cd1737 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1465599
|
|
|
cd1737 |
Upstream Status: iproute2.git commit f6fc1055e41a8
|
|
|
cd1737 |
|
|
|
cd1737 |
commit f6fc1055e41a8a924313c336b39b9ffe0c86938b
|
|
|
cd1737 |
Author: Phil Sutter <psutter@redhat.com>
|
|
|
cd1737 |
Date: Tue May 23 15:40:57 2017 +0200
|
|
|
cd1737 |
|
|
|
cd1737 |
tc: m_xt: Prevent a segfault in libipt
|
|
|
cd1737 |
|
|
|
cd1737 |
This happens with NAT targets, such as SNAT, DNAT and MASQUERADE. These
|
|
|
cd1737 |
are still not usable with this patch, but at least tc doesn't crash
|
|
|
cd1737 |
anymore when one tries to use them.
|
|
|
cd1737 |
|
|
|
cd1737 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
cd1737 |
---
|
|
|
cd1737 |
tc/m_xt.c | 5 ++++-
|
|
|
cd1737 |
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
cd1737 |
|
|
|
cd1737 |
diff --git a/tc/m_xt.c b/tc/m_xt.c
|
|
|
cd1737 |
index e59df8e..ad52d23 100644
|
|
|
cd1737 |
--- a/tc/m_xt.c
|
|
|
cd1737 |
+++ b/tc/m_xt.c
|
|
|
cd1737 |
@@ -146,6 +146,9 @@ static int parse_ipt(struct action_util *a, int *argc_p,
|
|
|
cd1737 |
char ***argv_p, int tca_id, struct nlmsghdr *n)
|
|
|
cd1737 |
{
|
|
|
cd1737 |
struct xtables_target *m = NULL;
|
|
|
cd1737 |
+#if XTABLES_VERSION_CODE >= 6
|
|
|
cd1737 |
+ struct ipt_entry fw = {};
|
|
|
cd1737 |
+#endif
|
|
|
cd1737 |
struct rtattr *tail;
|
|
|
cd1737 |
|
|
|
cd1737 |
int c;
|
|
|
cd1737 |
@@ -206,7 +209,7 @@ static int parse_ipt(struct action_util *a, int *argc_p,
|
|
|
cd1737 |
default:
|
|
|
cd1737 |
#if XTABLES_VERSION_CODE >= 6
|
|
|
cd1737 |
if (m != NULL && m->x6_parse != NULL) {
|
|
|
cd1737 |
- xtables_option_tpcall(c, argv, 0, m, NULL);
|
|
|
cd1737 |
+ xtables_option_tpcall(c, argv, 0, m, &fw;;
|
|
|
cd1737 |
#else
|
|
|
cd1737 |
if (m != NULL && m->parse != NULL) {
|
|
|
cd1737 |
m->parse(c - m->option_offset, argv, 0,
|
|
|
cd1737 |
--
|
|
|
cd1737 |
1.8.3.1
|
|
|
cd1737 |
|