Blame SOURCES/0010-tc-m_xt-Prevent-a-segfault-in-libipt.patch

be97f7
From 074062808c630f2efb55c7093d510b44a38e74e5 Mon Sep 17 00:00:00 2001
be97f7
From: Phil Sutter <psutter@redhat.com>
be97f7
Date: Thu, 14 Sep 2017 15:27:47 +0200
be97f7
Subject: [PATCH] tc: m_xt: Prevent a segfault in libipt
be97f7
be97f7
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1465599
be97f7
Upstream Status: iproute2.git commit f6fc1055e41a8
be97f7
be97f7
commit f6fc1055e41a8a924313c336b39b9ffe0c86938b
be97f7
Author: Phil Sutter <psutter@redhat.com>
be97f7
Date:   Tue May 23 15:40:57 2017 +0200
be97f7
be97f7
    tc: m_xt: Prevent a segfault in libipt
be97f7
be97f7
    This happens with NAT targets, such as SNAT, DNAT and MASQUERADE. These
be97f7
    are still not usable with this patch, but at least tc doesn't crash
be97f7
    anymore when one tries to use them.
be97f7
be97f7
    Signed-off-by: Phil Sutter <phil@nwl.cc>
be97f7
---
be97f7
 tc/m_xt.c | 5 ++++-
be97f7
 1 file changed, 4 insertions(+), 1 deletion(-)
be97f7
be97f7
diff --git a/tc/m_xt.c b/tc/m_xt.c
be97f7
index e59df8e..ad52d23 100644
be97f7
--- a/tc/m_xt.c
be97f7
+++ b/tc/m_xt.c
be97f7
@@ -146,6 +146,9 @@ static int parse_ipt(struct action_util *a, int *argc_p,
be97f7
 		     char ***argv_p, int tca_id, struct nlmsghdr *n)
be97f7
 {
be97f7
 	struct xtables_target *m = NULL;
be97f7
+#if XTABLES_VERSION_CODE >= 6
be97f7
+	struct ipt_entry fw = {};
be97f7
+#endif
be97f7
 	struct rtattr *tail;
be97f7
 
be97f7
 	int c;
be97f7
@@ -206,7 +209,7 @@ static int parse_ipt(struct action_util *a, int *argc_p,
be97f7
 		default:
be97f7
 #if XTABLES_VERSION_CODE >= 6
be97f7
 			if (m != NULL && m->x6_parse != NULL) {
be97f7
-				xtables_option_tpcall(c, argv, 0, m, NULL);
be97f7
+				xtables_option_tpcall(c, argv, 0, m, &fw;;
be97f7
 #else
be97f7
 			if (m != NULL && m->parse != NULL) {
be97f7
 				m->parse(c - m->option_offset, argv, 0,
be97f7
-- 
be97f7
1.8.3.1
be97f7