iptables-restore: fix segmentation fault with -tanything Reference: Debian bug #458042 iptables-restore must not pass a table into do_command. It checks for "-t arg" and "--table arg", but not "-targ". (On a related note, using -targ does not work as expected). This should fail gracefully, but crashes: iptables-restore <(echo -e '*filter\n-A INPUT -tx\nCOMMIT') And this should use table "filter", or perhaps raise an error, but instead sets the table to (literally) "-tfilter": iptables -tfilter -A INPUT Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>

commit: d0cbf5f34d3421064eb0fbbcdc6b90cda4e81f2d [log] [tgz]
author: Jan Engelhardt <jengelh@medozas.de> Mon Aug 04 12:51:01 2008 +0200
committer: Patrick McHardy <kaber@trash.net> Mon Aug 04 12:51:01 2008 +0200
tree: 1a271189fda828a4dbe4b89a8194d8d8c47444a9
parent: 415a8580cc2b053687c197e8e25d606e8420c672 [diff] [blame]
diff --git a/iptables.c b/iptables.c
index bf3cbca..41e1836 100644
--- a/iptables.c
+++ b/iptables.c

@@ -1764,7 +1764,7 @@
 			if (invert)
 				exit_error(PARAMETER_PROBLEM,
 					   "unexpected ! flag before --table");
-			*table = argv[optind-1];
+			*table = optarg;
 			break;
 
 		case 'x':
@@ -1911,8 +1911,7 @@
 				}
 				if (!m)
 					exit_error(PARAMETER_PROBLEM,
-						   "Unknown arg `%s'",
-						   argv[optind-1]);
+						   "Unknown arg `%s'", optarg);
 			}
 		}
 		invert = FALSE;
commit	d0cbf5f34d3421064eb0fbbcdc6b90cda4e81f2d	[log] [tgz]
author	Jan Engelhardt <jengelh@medozas.de>	Mon Aug 04 12:51:01 2008 +0200
committer	Patrick McHardy <kaber@trash.net>	Mon Aug 04 12:51:01 2008 +0200
tree	1a271189fda828a4dbe4b89a8194d8d8c47444a9
parent	415a8580cc2b053687c197e8e25d606e8420c672 [diff] [blame]