While testing many match extensions in a single rule, I ran into this
error not warned about. Arguments were just ignored, causing
surprising "Need to specify an argument to --whatever" when the
argument was in fact given on the command line.
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
ip6tables-restore.c | 5 ++++-
iptables-restore.c | 5 ++++-
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/ip6tables-restore.c b/ip6tables-restore.c
index cea5f36..9948cd6 100644
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -103,8 +103,11 @@ static int add_argv(char *what) {
newargv[newargc] = strdup(what);
newargc++;
return 1;
- } else
+ } else {
+ xtables_error(PARAMETER_PROBLEM,
+ "Parser cannot handle more arguments\n");
return 0;
+ }
}
static void free_argv(void) {
diff --git a/iptables-restore.c b/iptables-restore.c
index bf80e78..519d480 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -103,8 +103,11 @@ static int add_argv(char *what) {
newargv[newargc] = strdup(what);
newargc++;
return 1;
- } else
+ } else {
+ xtables_error(PARAMETER_PROBLEM,
+ "Parser cannot handle more arguments\n");
return 0;
+ }
}
static void free_argv(void) {
--
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
