On Tuesday 2008-04-22 01:13, Charles Romestant wrote:
>Ok, I'm trying to add the rule to a table named charz, here is the code:
>
>char *command;
>        FILE *fp = popen("/sbin/iptables",'w');
>        if (fp==NULL){
>                printf("\nerror opening pipe\n");
>                return -1;
>        }else{
>                sprintf(command,"-A charz -p tcp --dport %s --source %s -j %s\0",port,currentIp,action2);
>                printf("\n\n\n%s\n\n\n",command);
>                fwrite(command,strlen(command),1,fp);
>                pclose(fp);

(1) sprintf may overflow here

(2) do not call pclose() with fp==NULL (but I suppose it's entirely in the
else block anyway)

but most importantly:

(3) iptables does not read from stdin, so fwrite() is the wrong thing to
start with.
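
Added example, not code from the original thread or from the netfilter project: one way to act on points (1) and (3) is to pass the rule as an argument vector to `/sbin/iptables` via `fork()`/`execv()`, so nothing is formatted into an unbounded buffer and nothing is written to stdin. The function names, the IPv4-only check and the three-target allow-list are assumptions made for this sketch.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Validate inputs, fill argv[] for "iptables -A charz ..."; 0 = ok, -1 = rejected. */
int build_rule_argv(const char *port, const char *ip, const char *action,
                    char portbuf[8], const char *argv[12])
{
    static const char *const targets[] = { "ACCEPT", "DROP", "REJECT" }; /* assumed allow-list */
    struct in_addr addr;
    char *end;
    size_t i = 0;
    long p = strtol(port, &end, 10);

    if (end == port || *end != '\0' || p < 1 || p > 65535)
        return -1;                      /* not a TCP port number */
    if (inet_pton(AF_INET, ip, &addr) != 1)
        return -1;                      /* not an IPv4 address (assumption: IPv4 only) */
    while (i < 3 && strcmp(action, targets[i]) != 0)
        i++;
    if (i == 3)
        return -1;                      /* target not on the allow-list */
    snprintf(portbuf, 8, "%ld", p);     /* bounded, canonical form of the port */
    const char *v[12] = { "iptables", "-A", "charz", "-p", "tcp", "--dport",
                          portbuf, "--source", ip, "-j", targets[i], NULL };
    memcpy(argv, v, sizeof v);
    return 0;
}

/* Exec /sbin/iptables directly: no shell, no pipe. Returns its exit status or -1. */
int add_rule(const char *port, const char *ip, const char *action)
{
    char portbuf[8];
    const char *argv[12];
    int status;
    pid_t pid;
    if (build_rule_argv(port, ip, action, portbuf, argv) != 0)
        return -1;
    if ((pid = fork()) == 0) {
        execv("/sbin/iptables", (char *const *)argv);
        _exit(127);                     /* exec failed */
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
```

Because each value travels as its own argv element, a string such as `192.0.2.10 -j ACCEPT` is rejected by validation and could never be split into extra options in any case.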