Message ID | 1464626140-3449-2-git-send-email-carlosfg@riseup.net |
---|---|
State | Accepted |
Delegated to: | Pablo Neira |
Headers | show |
On Mon, May 30, 2016 at 06:35:40PM +0200, Carlos Falgueras García wrote:
> Checks the commentary maximum length and reports to user in case of error.
Also applied and I have rewritten the subject and description too to
indicate why we need this check.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/include/rule.h b/include/rule.h index bd24648..7e8daac 100644 --- a/include/rule.h +++ b/include/rule.h @@ -428,4 +428,6 @@ enum udata_type { }; #define UDATA_TYPE_MAX (__UDATA_TYPE_MAX - 1) +#define UDATA_COMMENT_MAXLEN 128 + #endif /* NFTABLES_RULE_H */ diff --git a/src/parser_bison.y b/src/parser_bison.y index 6f51a49..0bf0e27 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -1275,6 +1275,11 @@ ruleid_spec : chain_spec handle_spec position_spec comment_spec : COMMENT string { + if (strlen($2) > UDATA_COMMENT_MAXLEN ) { + erec_queue(error(&@2, "Comment too long. %d characters maximum allowed", UDATA_COMMENT_MAXLEN), + state->msgs); + YYERROR; + } $$ = $2; } ;