check for invalid port ranges (Thomas Poehnitz)
diff --git a/extensions/libip6t_tcp.c b/extensions/libip6t_tcp.c
index 8e54dc4..1bf1d19 100644
--- a/extensions/libip6t_tcp.c
+++ b/extensions/libip6t_tcp.c
@@ -77,6 +77,10 @@
ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}
diff --git a/extensions/libip6t_udp.c b/extensions/libip6t_udp.c
index fb0505e..a2e2fe6 100644
--- a/extensions/libip6t_udp.c
+++ b/extensions/libip6t_udp.c
@@ -69,6 +69,10 @@
ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}
diff --git a/extensions/libipt_tcp.c b/extensions/libipt_tcp.c
index acf6050..1ff8f12 100644
--- a/extensions/libipt_tcp.c
+++ b/extensions/libipt_tcp.c
@@ -77,6 +77,10 @@
ports[0] = buffer[0] ? parse_tcp_port(buffer) : 0;
ports[1] = cp[0] ? parse_tcp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}
diff --git a/extensions/libipt_udp.c b/extensions/libipt_udp.c
index 622fb43..ccea210 100644
--- a/extensions/libipt_udp.c
+++ b/extensions/libipt_udp.c
@@ -69,6 +69,10 @@
ports[0] = buffer[0] ? parse_udp_port(buffer) : 0;
ports[1] = cp[0] ? parse_udp_port(cp) : 0xFFFF;
+
+ if (ports[0] > ports[1])
+ exit_error(PARAMETER_PROBLEM,
+ "invalid portrange (min > max)");
}
free(buffer);
}