Re: [PATCH 2/3] state: report spaces in the state list parsing

Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> · Wed, 19 Nov 2008 11:11:48 +0100

Jan Engelhardt wrote:
> On Wednesday 2008-11-19 00:43, Pablo Neira Ayuso wrote:
> 
>> Now this returns:
>>
>> iptables v1.4.2-rc1: `--state' requires a list of states with no
>> spaces, e.g. ESTABLISHED,RELATED
>>
>> Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
>> ---
>>
>> extensions/libxt_state.c |    5 ++++-
>> 1 files changed, 4 insertions(+), 1 deletions(-)
> 
> This also needs to be done for libxt_conntrack.c I guess.

Thanks for the spot, new patch attached.

-- 
"Los honestos son inadaptados sociales" -- Les Luthiers
state: report spaces in the state list parsing

From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>

This patch adds better error reporting when the user inserts a space
between two states with the --state option.

iptables -I INPUT -m state ESTABLISHED, RELATED
                                       ^
				  mind the space

results in:

iptables v1.4.2-rc1: Bad state `'
Try `iptables -h' or 'iptables --help' for more information.

Now this returns:

iptables v1.4.2-rc1: `--state' requires a list of states with no
spaces, e.g. ESTABLISHED,RELATED

This patch also applies to libxt_conntrack which has a copy of the
function.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---

 extensions/libxt_conntrack.c |    5 ++++-
 extensions/libxt_state.c     |    5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 79ed3b8..5f3257c 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -107,7 +107,10 @@ parse_states(const char *arg, struct xt_conntrack_info *sinfo)
 			exit_error(PARAMETER_PROBLEM, "Bad ctstate `%s'", arg);
 		arg = comma+1;
 	}
-
+	if (!*arg)
+		exit_error(PARAMETER_PROBLEM, "`--ctstate' requires a list of "
+					      "states with no spaces, e.g. "
+					      "ESTABLISHED,RELATED");
 	if (strlen(arg) == 0 || !parse_state(arg, strlen(arg), sinfo))
 		exit_error(PARAMETER_PROBLEM, "Bad ctstate `%s'", arg);
 }
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c
index 3af2e48..ae8ae7b 100644
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -54,7 +54,10 @@ state_parse_states(const char *arg, struct xt_state_info *sinfo)
 			exit_error(PARAMETER_PROBLEM, "Bad state `%s'", arg);
 		arg = comma+1;
 	}
-
+	if (!*arg)
+		exit_error(PARAMETER_PROBLEM, "`--state' requires a list of "
+					      "states with no spaces, e.g. "
+					      "ESTABLISHED,RELATED");
 	if (strlen(arg) == 0 || !state_parse_state(arg, strlen(arg), sinfo))
 		exit_error(PARAMETER_PROBLEM, "Bad state `%s'", arg);
 }




