From patchwork Wed May 29 22:46:26 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arturo Borrero <arturo.borrero.glez@gmail.com>
X-Patchwork-Id: 247432
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 54B5E2C0084
	for <incoming@patchwork.ozlabs.org>;
	Thu, 30 May 2013 08:46:31 +1000 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S966519Ab3E2Wq3 (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Wed, 29 May 2013 18:46:29 -0400
Received: from smtp3.cica.es ([150.214.5.190]:44757 "EHLO smtp.cica.es"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S966329Ab3E2Wq3 (ORCPT <rfc822; netfilter-devel@vger.kernel.org>);
	Wed, 29 May 2013 18:46:29 -0400
Received: from localhost (unknown [127.0.0.1])
	by smtp.cica.es (Postfix) with ESMTP id 42D6551ECD6;
	Wed, 29 May 2013 22:46:28 +0000 (UTC)
X-Virus-Scanned: amavisd-new at cica.es
Received: from smtp.cica.es ([127.0.0.1])
	by localhost (mail.cica.es [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id yMvV9oqsjo+O; Thu, 30 May 2013 00:46:28 +0200 (CEST)
Received: from nfdev.cica.es (nfdev.cica.es [IPv6:2a00:9ac0:c1ca:31::220])
	by smtp.cica.es (Postfix) with ESMTP id 1CD8551ECD5;
	Thu, 30 May 2013 00:46:28 +0200 (CEST)
Subject: [libnftables PATCH] data_reg: xml: fix invalid veredict validation
To: netfilter-devel@vger.kernel.org
From: Arturo Borrero <arturo.borrero.glez@gmail.com>
Cc: pablo@netfilter.org
Date: Thu, 30 May 2013 00:46:26 +0200
Message-ID: <20130529224626.18127.15020.stgit@nfdev.cica.es>
User-Agent: StGit/0.15
MIME-Version: 1.0
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

Other kind of validations are used all over the XML parsing code.
This validation is not valid anymore, and this patch update it.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
 src/expr/data_reg.c |    4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c
index 71b10fe..12adc18 100644
--- a/src/expr/data_reg.c
+++ b/src/expr/data_reg.c
@@ -64,10 +64,8 @@ static int nft_data_reg_verdict_xml_parse(union nft_data_reg *reg, char *xml)
 		return -1;
 	}
 
-	errno = 0;
 	tmp = strtoll(node->child->value.opaque, &endptr, 10);
-	if (tmp > INT_MAX || tmp < INT_MIN || errno != 0
-						|| strlen(endptr) > 0) {
+	if (tmp > INT_MAX || tmp < INT_MIN || *endptr) {
 		mxmlDelete(tree);
 		return -1;
 	}