Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 70fe9af4 authored by Al Viro's avatar Al Viro Committed by David S. Miller
Browse files

[EBTABLES]: Pull the loop doing __ebt_verify_pointers() into a separate function.



It's easier to expand the iterator here *and* we'll be able to move all
uses of ebt_replace from translate_table() into this one.

Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 22b440bf
Loading
Loading
Loading
Loading
+41 −37
Original line number Original line Diff line number Diff line
@@ -393,25 +393,28 @@ ebt_check_watcher(struct ebt_entry_watcher *w, struct ebt_entry *e,
	return 0;
	return 0;
}
}


static inline int
static int ebt_verify_pointers(struct ebt_replace *repl,
__ebt_verify_pointers(struct ebt_entry *e,
			       struct ebt_table_info *newinfo)
   struct ebt_table_info *newinfo, char *base, char *limit,
   struct ebt_entries **hook_entries,
   unsigned int valid_hooks)
{
{
	unsigned int offset = (char *)e - newinfo->entries;
	unsigned int limit = repl->entries_size;
	size_t left = (limit - base) - offset;
	unsigned int valid_hooks = repl->valid_hooks;
	unsigned int offset = 0;
	int i;
	int i;


	while (offset < limit) {
		size_t left = limit - offset;
		struct ebt_entry *e = (void *)newinfo->entries + offset;

		if (left < sizeof(unsigned int))
		if (left < sizeof(unsigned int))
		goto Esmall;
			break;


		for (i = 0; i < NF_BR_NUMHOOKS; i++) {
		for (i = 0; i < NF_BR_NUMHOOKS; i++) {
			if ((valid_hooks & (1 << i)) == 0)
			if ((valid_hooks & (1 << i)) == 0)
				continue;
				continue;
		if ((char *)hook_entries[i] == base + offset)
			if ((char *)repl->hook_entry[i] == repl->entries + offset)
				break;
				break;
		}
		}

		if (i != NF_BR_NUMHOOKS || !(e->bitmask & EBT_ENTRY_OR_ENTRIES)) {
		if (i != NF_BR_NUMHOOKS || !(e->bitmask & EBT_ENTRY_OR_ENTRIES)) {
			if (e->bitmask != 0) {
			if (e->bitmask != 0) {
				/* we make userspace set this right,
				/* we make userspace set this right,
@@ -420,22 +423,25 @@ __ebt_verify_pointers(struct ebt_entry *e,
					 "in distinguisher\n");
					 "in distinguisher\n");
				return -EINVAL;
				return -EINVAL;
			}
			}
		if (left < sizeof(struct ebt_entries))
			goto Esmall;
			if (i != NF_BR_NUMHOOKS)
			if (i != NF_BR_NUMHOOKS)
				newinfo->hook_entry[i] = (struct ebt_entries *)e;
				newinfo->hook_entry[i] = (struct ebt_entries *)e;
		return 0;
			if (left < sizeof(struct ebt_entries))
	}
				break;
			offset += sizeof(struct ebt_entries);
		} else {
			if (left < sizeof(struct ebt_entry))
			if (left < sizeof(struct ebt_entry))
		goto Esmall;
				break;
			if (left < e->next_offset)
			if (left < e->next_offset)
		goto Esmall;
				break;
	return 0;
			offset += e->next_offset;

		}
Esmall:
	}
	if (offset != limit) {
		BUGPRINT("entries_size too small\n");
		BUGPRINT("entries_size too small\n");
		return -EINVAL;
		return -EINVAL;
	}
	}
	return 0;
}


/*
/*
 * this one is very careful, as it is the first function
 * this one is very careful, as it is the first function
@@ -795,9 +801,7 @@ static int translate_table(struct ebt_replace *repl,
	newinfo->entries_size = repl->entries_size;
	newinfo->entries_size = repl->entries_size;
	newinfo->nentries = repl->nentries;
	newinfo->nentries = repl->nentries;


	ret = EBT_ENTRY_ITERATE(newinfo->entries, newinfo->entries_size,
	ret = ebt_verify_pointers(repl, newinfo);
	   __ebt_verify_pointers, newinfo, repl->entries,
	   repl->entries + repl->entries_size, repl->hook_entry, repl->valid_hooks);
	if (ret != 0)
	if (ret != 0)
		return ret;
		return ret;