commit 73f72f541ac4dab538d4d418b9bbf1707b31342b
author Rusty Russell <rusty@linuxcare.com.au> Mon Jul 03 10:17:57 2000 +0000
committer Rusty Russell <rusty@rustcorp.com.au> Mon Jul 03 10:17:57 2000 +0000
tree 4709c168a349e6bd1a4f01e522dba0d342618b0b
parent 4b3c03de8ea5419e5d92b1af8363da9a8201d68f

Aligning matchsize and targetsize now responsibility of extension writers
(PPC fix).

iptables.c

diff --git a/iptables.c b/iptables.c
index a3ce827..6d62cab 100644
--- a/iptables.c
+++ b/iptables.c
@@ -928,6 +928,12 @@
 		exit(1);
 	}
 
+	if (me->size != IPT_ALIGN(me->size)) {
+		fprintf(stderr, "%s: match `%s' has invalid size %u.\n",
+			program_name, me->name, me->size);
+		exit(1);
+	}
+
 	/* Prepend to list. */
 	me->next = iptables_matches;
 	iptables_matches = me;
@@ -952,6 +958,12 @@
 		exit(1);
 	}
 
+	if (me->size != IPT_ALIGN(me->size)) {
+		fprintf(stderr, "%s: target `%s' has invalid size %u.\n",
+			program_name, me->name, me->size);
+		exit(1);
+	}
+
 	/* Prepend to list. */
 	me->next = iptables_targets;
 	iptables_targets = me;
@@ -1266,10 +1278,10 @@
 
 	size = sizeof(struct ipt_entry);
 	for (m = iptables_matches; m; m = m->next)
-		size += sizeof(struct ipt_entry_match) + m->size;
+		size += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
 
 	mask = fw_calloc(1, size
-			 + sizeof(struct ipt_entry_target)
+			 + IPT_ALIGN(sizeof(struct ipt_entry_target))
 			 + iptables_targets->size);
 
 	memset(mask, 0xFF, sizeof(struct ipt_entry));
@@ -1277,13 +1289,14 @@
 
 	for (m = iptables_matches; m; m = m->next) {
 		memset(mptr, 0xFF,
-		       sizeof(struct ipt_entry_match) + m->userspacesize);
-		mptr += sizeof(struct ipt_entry_match) + m->size;
+		       IPT_ALIGN(sizeof(struct ipt_entry_match))
+		       + m->userspacesize);
+		mptr += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
 	}
 
-	memset(mptr, 0xFF, sizeof(struct ipt_entry_target));
-	mptr += sizeof(struct ipt_entry_target);
-	memset(mptr, 0xFF, iptables_targets->userspacesize);
+	memset(mptr, 0xFF, 
+	       IPT_ALIGN(sizeof(struct ipt_entry_target))
+	       + iptables_targets->userspacesize);
 
 	return mask;
 }
@@ -1703,8 +1716,8 @@
 			if (target) {
 				size_t size;
 
-				size = IPT_ALIGN(sizeof(struct ipt_entry_target)
-						 + target->size);
+				size = IPT_ALIGN(sizeof(struct ipt_entry_target))
+					+ target->size;
 
 				target->t = fw_calloc(1, size);
 				target->t->u.target_size = size;
@@ -1758,8 +1771,8 @@
 					   "unexpected ! flag before --match");
 
 			m = find_match(optarg, LOAD_MUST_SUCCEED);
-			size = IPT_ALIGN(sizeof(struct ipt_entry_match)
-					 + m->size);
+			size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+					 + m->size;
 			m->m = fw_calloc(1, size);
 			m->m->u.match_size = size;
 			strcpy(m->m->u.user.name, m->name);
@@ -1839,8 +1852,8 @@
 					/* Try loading protocol */
 					size_t size;
 
-					size = IPT_ALIGN(sizeof(struct ipt_entry_match)
-							 + m->size);
+					size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+							 + m->size;
 
 					m->m = fw_calloc(1, size);
 					m->m->u.match_size = size;