[PATCH iptables 2/4] xtables: Check match/target size vs XT_ALIGN(size) at register time

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Size is known at xtables_register_match()/xtables_register_target()
calls: no need to defer it to final registration steps.

Signed-off-by: Serhey Popovych <serhe.popovych@xxxxxxxxx>
---
 libxtables/xtables.c |   30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 5aaa238..33fc158 100644
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -857,6 +857,14 @@ void xtables_register_match(struct xtables_match *me)
 		        xt_params->program_name, me->name, me->revision);
 		exit(1);
 	}
+
+	if (me->size != XT_ALIGN(me->size)) {
+		fprintf(stderr, "%s: match \"%s\" has invalid size %u.\n",
+		        xt_params->program_name, me->name,
+		        (unsigned int)me->size);
+		exit(1);
+	}
+
 	if (strcmp(me->version, XTABLES_VERSION) != 0) {
 		fprintf(stderr, "%s: match \"%s\" has version \"%s\", "
 		        "but \"%s\" is required.\n",
@@ -985,13 +993,6 @@ static bool xtables_fully_register_pending_match(struct xtables_match *me)
 		*i = old->next;
 	}
 
-	if (me->size != XT_ALIGN(me->size)) {
-		fprintf(stderr, "%s: match `%s' has invalid size %u.\n",
-		        xt_params->program_name, me->name,
-		        (unsigned int)me->size);
-		exit(1);
-	}
-
 	/* Append to list. */
 	for (i = &xtables_matches; *i; i = &(*i)->next);
 	me->next = NULL;
@@ -1023,6 +1024,14 @@ void xtables_register_target(struct xtables_target *me)
 		        xt_params->program_name, me->name, me->revision);
 		exit(1);
 	}
+
+	if (me->size != XT_ALIGN(me->size)) {
+		fprintf(stderr, "%s: target \"%s\" has invalid size %u.\n",
+		        xt_params->program_name, me->name,
+		        (unsigned int)me->size);
+		exit(1);
+	}
+
 	if (strcmp(me->version, XTABLES_VERSION) != 0) {
 		fprintf(stderr, "%s: target \"%s\" has version \"%s\", "
 		        "but \"%s\" is required.\n",
@@ -1094,13 +1103,6 @@ static bool xtables_fully_register_pending_target(struct xtables_target *me)
 		*i = old->next;
 	}
 
-	if (me->size != XT_ALIGN(me->size)) {
-		fprintf(stderr, "%s: target `%s' has invalid size %u.\n",
-		        xt_params->program_name, me->name,
-		        (unsigned int)me->size);
-		exit(1);
-	}
-
 	/* Prepend to list. */
 	me->next = xtables_targets;
 	xtables_targets = me;
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux