Just like with 'name', if given check 'real_name' to not exceed max length. Signed-off-by: Phil Sutter <phil@xxxxxx> --- libxtables/xtables.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/libxtables/xtables.c b/libxtables/xtables.c index 6dd0b152dfecf..34a084f47c290 100644 --- a/libxtables/xtables.c +++ b/libxtables/xtables.c @@ -920,6 +920,12 @@ void xtables_register_match(struct xtables_match *me) exit(1); } + if (me->real_name && strlen(me->real_name) >= XT_EXTENSION_MAXNAMELEN) { + fprintf(stderr, "%s: match `%s' has invalid real name\n", + xt_params->program_name, me->real_name); + exit(1); + } + if (me->family >= NPROTO) { fprintf(stderr, "%s: BUG: match %s has invalid protocol family\n", @@ -1107,6 +1113,12 @@ void xtables_register_target(struct xtables_target *me) exit(1); } + if (me->real_name && strlen(me->real_name) >= XT_EXTENSION_MAXNAMELEN) { + fprintf(stderr, "%s: target `%s' has invalid real name\n", + xt_params->program_name, me->real_name); + exit(1); + } + if (me->family >= NPROTO) { fprintf(stderr, "%s: BUG: target %s has invalid protocol family\n", -- 2.19.0