[iptables PATCH 12/12] libxtables: xtoptions: Respect min/max values when completing ranges

Phil Sutter <phil@xxxxxx> · Fri, 2 Feb 2024 14:53:07 +0100

If an extension defines a minimum/maximum valid value for an option's
range argument, treat this as the lower/upper boundary to use when
completing (half) open ranges.

Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 extensions/libxt_NFQUEUE.t | 4 ++--
 libxtables/xtoptions.c     | 9 ++++++---
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/extensions/libxt_NFQUEUE.t b/extensions/libxt_NFQUEUE.t
index 1adb8e4023099..94050500d195b 100644
--- a/extensions/libxt_NFQUEUE.t
+++ b/extensions/libxt_NFQUEUE.t
@@ -9,9 +9,9 @@
 -j NFQUEUE --queue-balance 0:65536;;FAIL
 -j NFQUEUE --queue-balance -1:65535;;FAIL
 -j NFQUEUE --queue-balance 4;;FAIL
--j NFQUEUE --queue-balance :;;FAIL
+-j NFQUEUE --queue-balance :;-j NFQUEUE --queue-balance 0:65534;OK
 -j NFQUEUE --queue-balance :4;-j NFQUEUE --queue-balance 0:4;OK
--j NFQUEUE --queue-balance 4:;-j NFQUEUE --queue-balance 4:65535;OK
+-j NFQUEUE --queue-balance 4:;-j NFQUEUE --queue-balance 4:65534;OK
 -j NFQUEUE --queue-balance 3:4;=;OK
 -j NFQUEUE --queue-balance 4:4;;FAIL
 -j NFQUEUE --queue-balance 4:3;;FAIL
diff --git a/libxtables/xtoptions.c b/libxtables/xtoptions.c
index 0a995a63a2a88..774d0ee655ba7 100644
--- a/libxtables/xtoptions.c
+++ b/libxtables/xtoptions.c
@@ -289,13 +289,16 @@ static void xtopt_parse_mint(struct xt_option_call *cb)
 	const struct xt_option_entry *entry = cb->entry;
 	const char *arg;
 	size_t esize = xtopt_esize_by_type(entry->type);
-	const uintmax_t lmax = xtopt_max_by_type(entry->type);
+	uintmax_t lmax = xtopt_max_by_type(entry->type);
+	uintmax_t value, lmin = entry->min;
 	void *put = XTOPT_MKPTR(cb);
-	uintmax_t value, lmin = 0;
 	unsigned int maxiter;
 	char *end = "";
 	char sep = ':';
 
+	if (entry->max && entry->max < lmax)
+		lmax = entry->max;
+
 	maxiter = entry->size / esize;
 	if (maxiter == 0)
 		maxiter = ARRAY_SIZE(cb->val.u32_range);
@@ -312,7 +315,7 @@ static void xtopt_parse_mint(struct xt_option_call *cb)
 		if (*arg == '\0' || *arg == sep) {
 			/* Default range components when field not spec'd. */
 			end = (char *)arg;
-			value = (cb->nvals == 1) ? lmax : 0;
+			value = (cb->nvals == 1) ? lmax : lmin;
 		} else {
 			if (!xtables_strtoul(arg, &end, &value, lmin, lmax))
 				xt_params->exit_err(PARAMETER_PROBLEM,
-- 
2.43.0








