diff mbox

[iproute] tc: m_xt: Prevent a segfault in libipt

Message ID 20170523134057.23775-1-phil@nwl.cc
State Accepted, archived
Delegated to: stephen hemminger
Headers show

Commit Message

Phil Sutter May 23, 2017, 1:40 p.m. UTC 
From: Phil Sutter <psutter@redhat.com>

This happens with NAT targets, such as SNAT, DNAT and MASQUERADE. These
are still not usable with this patch, but at least tc doesn't crash
anymore when one tries to use them.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 tc/m_xt.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Stephen Hemminger May 31, 2017, 12:38 a.m. UTC | #1 
On Tue, 23 May 2017 15:40:57 +0200
Phil Sutter <phil@nwl.cc> wrote:

> From: Phil Sutter <psutter@redhat.com>
> 
> This happens with NAT targets, such as SNAT, DNAT and MASQUERADE. These
> are still not usable with this patch, but at least tc doesn't crash
> anymore when one tries to use them.
> 
> Signed-off-by: Phil Sutter <phil@nwl.cc>

Applied, thanks
diff mbox

Patch

diff --git a/tc/m_xt.c b/tc/m_xt.c
index e59df8e10afef..ad52d239caf61 100644
--- a/tc/m_xt.c
+++ b/tc/m_xt.c
@@ -146,6 +146,9 @@  static int parse_ipt(struct action_util *a, int *argc_p,
 		     char ***argv_p, int tca_id, struct nlmsghdr *n)
 {
 	struct xtables_target *m = NULL;
+#if XTABLES_VERSION_CODE >= 6
+	struct ipt_entry fw = {};
+#endif
 	struct rtattr *tail;
 
 	int c;
@@ -206,7 +209,7 @@  static int parse_ipt(struct action_util *a, int *argc_p,
 		default:
 #if XTABLES_VERSION_CODE >= 6
 			if (m != NULL && m->x6_parse != NULL) {
-				xtables_option_tpcall(c, argv, 0, m, NULL);
+				xtables_option_tpcall(c, argv, 0, m, &fw);
 #else
 			if (m != NULL && m->parse != NULL) {
 				m->parse(c - m->option_offset, argv, 0,