aboutsummaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-12-17 21:50:22 -0800
committerDavid S. Miller <davem@davemloft.net>2008-01-28 14:58:35 -0800
commitd924357c50d83e76d30dd5b81b5804815a2ae31c (patch)
treec9b41c5668fdc23bf0ee805264787ac18ecfd6c4 /net
parent433665c9d110d783ea4043c59657f0437fcc31dd (diff)
[NETFILTER]: ip6_tables: resync get_entries() with ip_tables
Resync get_entries() with ip_tables.c by moving the checks from the setsockopt handler to the function itself. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv6/netfilter/ip6_tables.c37
1 files changed, 18 insertions, 19 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 681316e40c6..6fcc0d5bc27 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -1082,17 +1082,29 @@ static int get_info(void __user *user, int *len)
}
static int
-get_entries(const struct ip6t_get_entries *entries,
- struct ip6t_get_entries __user *uptr)
+get_entries(struct ip6t_get_entries __user *uptr, int *len)
{
int ret;
+ struct ip6t_get_entries get;
struct xt_table *t;
- t = xt_find_table_lock(AF_INET6, entries->name);
+ if (*len < sizeof(get)) {
+ duprintf("get_entries: %u < %u\n", *len, sizeof(get));
+ return -EINVAL;
+ }
+ if (copy_from_user(&get, uptr, sizeof(get)) != 0)
+ return -EFAULT;
+ if (*len != sizeof(struct ip6t_get_entries) + get.size) {
+ duprintf("get_entries: %u != %u\n", *len,
+ sizeof(struct ip6t_get_entries) + get.size);
+ return -EINVAL;
+ }
+
+ t = xt_find_table_lock(AF_INET6, get.name);
if (t && !IS_ERR(t)) {
struct xt_table_info *private = t->private;
duprintf("t->private->number = %u\n", private->number);
- if (entries->size == private->size)
+ if (get.size == private->size)
ret = copy_entries_to_user(private->size,
t, uptr->entrytable);
else {
@@ -1322,22 +1334,9 @@ do_ip6t_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
ret = get_info(user, len);
break;
- case IP6T_SO_GET_ENTRIES: {
- struct ip6t_get_entries get;
-
- if (*len < sizeof(get)) {
- duprintf("get_entries: %u < %u\n", *len, sizeof(get));
- ret = -EINVAL;
- } else if (copy_from_user(&get, user, sizeof(get)) != 0) {
- ret = -EFAULT;
- } else if (*len != sizeof(struct ip6t_get_entries) + get.size) {
- duprintf("get_entries: %u != %u\n", *len,
- sizeof(struct ip6t_get_entries) + get.size);
- ret = -EINVAL;
- } else
- ret = get_entries(&get, user);
+ case IP6T_SO_GET_ENTRIES:
+ ret = get_entries(user, len);
break;
- }
case IP6T_SO_GET_REVISION_MATCH:
case IP6T_SO_GET_REVISION_TARGET: {