Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. iptables>
  3. Devel
[PATCH 04/**] Properly terminate option struct
jengelh at computergmbh
Jul 24, 2007, 3:19 AM
Post #1 of 2 (1660 views)
Permalink
The option struct needs to be terminated, otherwise ip{,6}tables
will access illegal memory in merge_options().

Signed-off-by: Jan Engelhardt <jengelh@gmx.de>

---
extensions/libip6t_NFLOG.c | 1 +
extensions/libipt_NFLOG.c | 1 +
2 files changed, 2 insertions(+)

Index: iptables/extensions/libip6t_NFLOG.c
===================================================================
--- iptables.orig/extensions/libip6t_NFLOG.c
+++ iptables/extensions/libip6t_NFLOG.c
@@ -19,6 +19,7 @@ static struct option opts[] = {
{ "nflog-prefix", 1, 0, NFLOG_PREFIX },
{ "nflog-range", 1, 0, NFLOG_RANGE },
{ "nflog-threshold", 1, 0, NFLOG_THRESHOLD },
+ {NULL},
};

static void help(void)
Index: iptables/extensions/libipt_NFLOG.c
===================================================================
--- iptables.orig/extensions/libipt_NFLOG.c
+++ iptables/extensions/libipt_NFLOG.c
@@ -19,6 +19,7 @@ static struct option opts[] = {
{ "nflog-prefix", 1, 0, NFLOG_PREFIX },
{ "nflog-range", 1, 0, NFLOG_RANGE },
{ "nflog-threshold", 1, 0, NFLOG_THRESHOLD },
+ {NULL},
};

static void help(void)
Re: [PATCH 04/**] Properly terminate option struct [ In reply to ]
yasuyuki.kozakai at toshiba
Jul 30, 2007, 5:28 PM
Post #2 of 2 (1570 views)
Permalink
From: Jan Engelhardt <jengelh@computergmbh.de>

> The option struct needs to be terminated, otherwise ip{,6}tables
> will access illegal memory in merge_options().
>
> Signed-off-by: Jan Engelhardt <jengelh@gmx.de>

nice catch. Applied.

-- Yasuyuki Kozakai

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal