Re: [PATCH 2/4] iptables: limit chain name length to be consistent with targets

On Thursday 2010-09-16 02:29, Stig Thormodsrud wrote:
>> -	if (chain && strlen(chain) > IPT_FUNCTION_MAXNAMELEN)
>> +	if (chain != NULL && strlen(chain) >= XT_EXTENSION_MAXNAMELEN)
>>  		xtables_error(PARAMETER_PROBLEM,
>> -			   "chain name `%s' too long (must be under %i chars)",
>> -			   chain, IPT_FUNCTION_MAXNAMELEN);
>> +			   "chain name `%s' too long (must be under %u chars)",
>> +			   chain, XT_EXTENSION_MAXNAMELEN);
>>  
>>  	/* only allocate handle if we weren't called with a handle */
>>  	if (!*handle)
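
Review bot: The changed condition tightens the limit in two ways at once (`>` becomes `>=`, and IPT_FUNCTION_MAXNAMELEN becomes XT_EXTENSION_MAXNAMELEN), but nothing in the hunk says why a chain name is held to the extension name limit. A short comment above the `if` would help, for example noting that the name may turn out to be a target and so has to fit an extension name field including its terminating NUL. Also check that `%u` matches the type of XT_EXTENSION_MAXNAMELEN: if the macro is a plain integer constant, the argument is an int and the old `%i` was the matching specifier.
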
>
>Thanks for the fix.  I guess my original question was if the change in
>max name length from 29 to 28 characters was intentional or required by
>some other data structure change?

struct xt_entry_match simply just has space for 28+1 bytes for the
name+'\0'. Chain names could be 31+1, but it is unknown in advance
whether a name whose length is to be checked is going to be a target
or a chain, so it is safer to just use 29 for now.