Aligning matchsize and targetsize now responsibility of extension writers
(PPC fix).
diff --git a/iptables.c b/iptables.c
index a3ce827..6d62cab 100644
--- a/iptables.c
+++ b/iptables.c
@@ -928,6 +928,12 @@
exit(1);
}
+ if (me->size != IPT_ALIGN(me->size)) {
+ fprintf(stderr, "%s: match `%s' has invalid size %u.\n",
+ program_name, me->name, me->size);
+ exit(1);
+ }
+
/* Prepend to list. */
me->next = iptables_matches;
iptables_matches = me;
@@ -952,6 +958,12 @@
exit(1);
}
+ if (me->size != IPT_ALIGN(me->size)) {
+ fprintf(stderr, "%s: target `%s' has invalid size %u.\n",
+ program_name, me->name, me->size);
+ exit(1);
+ }
+
/* Prepend to list. */
me->next = iptables_targets;
iptables_targets = me;
@@ -1266,10 +1278,10 @@
size = sizeof(struct ipt_entry);
for (m = iptables_matches; m; m = m->next)
- size += sizeof(struct ipt_entry_match) + m->size;
+ size += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
mask = fw_calloc(1, size
- + sizeof(struct ipt_entry_target)
+ + IPT_ALIGN(sizeof(struct ipt_entry_target))
+ iptables_targets->size);
memset(mask, 0xFF, sizeof(struct ipt_entry));
@@ -1277,13 +1289,14 @@
for (m = iptables_matches; m; m = m->next) {
memset(mptr, 0xFF,
- sizeof(struct ipt_entry_match) + m->userspacesize);
- mptr += sizeof(struct ipt_entry_match) + m->size;
+ IPT_ALIGN(sizeof(struct ipt_entry_match))
+ + m->userspacesize);
+ mptr += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
}
- memset(mptr, 0xFF, sizeof(struct ipt_entry_target));
- mptr += sizeof(struct ipt_entry_target);
- memset(mptr, 0xFF, iptables_targets->userspacesize);
+ memset(mptr, 0xFF,
+ IPT_ALIGN(sizeof(struct ipt_entry_target))
+ + iptables_targets->userspacesize);
return mask;
}
@@ -1703,8 +1716,8 @@
if (target) {
size_t size;
- size = IPT_ALIGN(sizeof(struct ipt_entry_target)
- + target->size);
+ size = IPT_ALIGN(sizeof(struct ipt_entry_target))
+ + target->size;
target->t = fw_calloc(1, size);
target->t->u.target_size = size;
@@ -1758,8 +1771,8 @@
"unexpected ! flag before --match");
m = find_match(optarg, LOAD_MUST_SUCCEED);
- size = IPT_ALIGN(sizeof(struct ipt_entry_match)
- + m->size);
+ size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+ + m->size;
m->m = fw_calloc(1, size);
m->m->u.match_size = size;
strcpy(m->m->u.user.name, m->name);
@@ -1839,8 +1852,8 @@
/* Try loading protocol */
size_t size;
- size = IPT_ALIGN(sizeof(struct ipt_entry_match)
- + m->size);
+ size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+ + m->size;
m->m = fw_calloc(1, size);
m->m->u.match_size = size;