When XTOPT_POINTER is used (and yields a non-zero offsetof), we can
flag the absence of XTOPT_PUT.
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
iptables/xtoptions.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/iptables/xtoptions.c b/iptables/xtoptions.c
index 7095e3e..04344af 100644
--- a/iptables/xtoptions.c
+++ b/iptables/xtoptions.c
@@ -847,8 +847,14 @@ void xtables_option_metavalidate(const char *name,
xt_params->exit_err(OTHER_PROBLEM,
"Extension %s uses invalid ID %u\n",
name, entry->id);
- if (!(entry->flags & XTOPT_PUT))
+ if (!(entry->flags & XTOPT_PUT)) {
+ if (entry->ptroff != 0)
+ xt_params->exit_err(OTHER_PROBLEM,
+ "%s: ptroff for \"--%s\" is non-"
+ "zero but no XTOPT_PUT is specified. "
+ "Oversight?", name, entry->name);
continue;
+ }
if (entry->type >= ARRAY_SIZE(xtopt_psize) ||
xtopt_psize[entry->type] == 0)
xt_params->exit_err(OTHER_PROBLEM,
--
1.7.3.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
