From patchwork Wed Mar 7 09:10:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Serhey Popovych X-Patchwork-Id: 882483 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="QocLUh08"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3zx7Cy3SZ0z9sfN for ; Wed, 7 Mar 2018 20:10:54 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751195AbeCGJKx (ORCPT ); Wed, 7 Mar 2018 04:10:53 -0500 Received: from mail-lf0-f68.google.com ([209.85.215.68]:38867 "EHLO mail-lf0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751059AbeCGJKw (ORCPT ); Wed, 7 Mar 2018 04:10:52 -0500 Received: by mail-lf0-f68.google.com with SMTP id i80-v6so2142712lfg.5 for ; Wed, 07 Mar 2018 01:10:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=wfgFA8f2ndCKk/wGvU4mT6XvsPSijWW99fIEEL6GHAY=; b=QocLUh08KA48dbqeI6nS5x1mENcWbp8nGk8JxmtNOxCBi4n+a94k05ha8MAf2hq2q5 7QB4OiCApbGhHNuduCGnX+omDAEXVj9odH6jy4vF7IaER2O+9VZdZbsqIo/vXrIscpde 4p5UnTOwF/zW3t/UBj29ITyko+jESZE2BS4n+jSSdHL7W1YFHXPLDBmBeiPwMjpGYIEU QfJ54vbTvPzQYydA0pc+rqi/TiQuGfO6M3LJovdH2TGtVRSADqkFyUnVdvZ3VB9T4GDQ 72+iUMsOtfwoYKq/q+JHxXdoE3+BdP+aZ1BtLEI7w15OqEEq5Dslj6QkNZ8lAZiHsCQN y4jw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=wfgFA8f2ndCKk/wGvU4mT6XvsPSijWW99fIEEL6GHAY=; b=ZJiqIfszEe2ySW+OZU1A0J4r9VpBdgaot03zoS6dyC/aiojh7C3xeHIztNioGcdW4e 79u6uksjhwZJv06aHXVvxaD1UYXNUZIazMfpYYmD9TqPfRYzY+1mWz1ufN/3m/zBS0ti mC/bbCPSpbbhIyjhhjPlW7W5e8tG1Cxlrbvrg9V0DMByn/YmxO4ykY2nTztYsWpucz60 iQseY2WmP7GMoim0p9DALb4yV76KDvQdX16Jwgtn/QJB6KKG/HP7ttzEKUo6z1gJxNb2 L9Slp2P6Nhn7xX2A92eEhKkMyA6xg/Edo1fkKeaRVKTumWK+lrGuzga8OWg3oK5ZcJnP wRxg== X-Gm-Message-State: AElRT7GlXUS58pBgj1rwFXN+qBc5iRrWE6AR8TjlOQao4xHiV6q6u3sH wUCmt/wpZZz1PF1t0byk9Xup0A== X-Google-Smtp-Source: AG47ELuk2AsjPOrJc5yeYwT/KuVec7CwzbLm1M3c36avpcwNi7xX87KchgAjvj5KorudpOCvGm3WUw== X-Received: by 10.46.33.156 with SMTP id h28mr10266995lji.126.1520413850359; Wed, 07 Mar 2018 01:10:50 -0800 (PST) Received: from tuxracer.localdomain ([2a01:6d80::195:20:96:53]) by smtp.gmail.com with ESMTPSA id j7sm3643490lfh.46.2018.03.07.01.10.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Mar 2018 01:10:49 -0800 (PST) From: Serhey Popovych To: netfilter-devel@vger.kernel.org Cc: willem.j.debruijn@gmail.com Subject: [PATCH iptables 2/4] xtables: Check match/target size vs XT_ALIGN(size) at register time Date: Wed, 7 Mar 2018 11:10:41 +0200 Message-Id: <1520413843-24456-3-git-send-email-serhe.popovych@gmail.com> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1520413843-24456-1-git-send-email-serhe.popovych@gmail.com> References: <1520413843-24456-1-git-send-email-serhe.popovych@gmail.com> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Size is known at xtables_register_match()/xtables_register_target() calls: no need to defer it to final registration steps. Signed-off-by: Serhey Popovych --- libxtables/xtables.c | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/libxtables/xtables.c b/libxtables/xtables.c index 5aaa238..33fc158 100644 --- a/libxtables/xtables.c +++ b/libxtables/xtables.c @@ -857,6 +857,14 @@ void xtables_register_match(struct xtables_match *me) xt_params->program_name, me->name, me->revision); exit(1); } + + if (me->size != XT_ALIGN(me->size)) { + fprintf(stderr, "%s: match \"%s\" has invalid size %u.\n", + xt_params->program_name, me->name, + (unsigned int)me->size); + exit(1); + } + if (strcmp(me->version, XTABLES_VERSION) != 0) { fprintf(stderr, "%s: match \"%s\" has version \"%s\", " "but \"%s\" is required.\n", @@ -985,13 +993,6 @@ static bool xtables_fully_register_pending_match(struct xtables_match *me) *i = old->next; } - if (me->size != XT_ALIGN(me->size)) { - fprintf(stderr, "%s: match `%s' has invalid size %u.\n", - xt_params->program_name, me->name, - (unsigned int)me->size); - exit(1); - } - /* Append to list. */ for (i = &xtables_matches; *i; i = &(*i)->next); me->next = NULL; @@ -1023,6 +1024,14 @@ void xtables_register_target(struct xtables_target *me) xt_params->program_name, me->name, me->revision); exit(1); } + + if (me->size != XT_ALIGN(me->size)) { + fprintf(stderr, "%s: target \"%s\" has invalid size %u.\n", + xt_params->program_name, me->name, + (unsigned int)me->size); + exit(1); + } + if (strcmp(me->version, XTABLES_VERSION) != 0) { fprintf(stderr, "%s: target \"%s\" has version \"%s\", " "but \"%s\" is required.\n", @@ -1094,13 +1103,6 @@ static bool xtables_fully_register_pending_target(struct xtables_target *me) *i = old->next; } - if (me->size != XT_ALIGN(me->size)) { - fprintf(stderr, "%s: target `%s' has invalid size %u.\n", - xt_params->program_name, me->name, - (unsigned int)me->size); - exit(1); - } - /* Prepend to list. */ me->next = xtables_targets; xtables_targets = me;