diff options
author | Patrick McHardy | 2006-03-21 03:00:36 +0100 |
---|---|---|
committer | David S. Miller | 2006-03-21 03:00:36 +0100 |
commit | 3cdc7c953eb1e1e1d1b82adbd140bf3451c165b1 (patch) | |
tree | 82d44723c94904d52fc5234eaaa505688bdf0dc3 /net/ipv4/netfilter/arp_tables.c | |
parent | [NETFILTER]: xt_tables: add centralized error checking (diff) | |
download | kernel-qcow2-linux-3cdc7c953eb1e1e1d1b82adbd140bf3451c165b1.tar.gz kernel-qcow2-linux-3cdc7c953eb1e1e1d1b82adbd140bf3451c165b1.tar.xz kernel-qcow2-linux-3cdc7c953eb1e1e1d1b82adbd140bf3451c165b1.zip |
[NETFILTER]: Change {ip,ip6,arp}_tables to use centralized error checking
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/netfilter/arp_tables.c')
-rw-r--r-- | net/ipv4/netfilter/arp_tables.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 7d7ab94a7a2e..2fdf75da7a70 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -480,6 +480,11 @@ static inline int check_entry(struct arpt_entry *e, const char *name, unsigned i } t->u.kernel.target = target; + ret = xt_check_target(target, NF_ARP, t->u.target_size - sizeof(*t), + name, e->comefrom, 0, 0); + if (ret) + goto err; + if (t->u.kernel.target == &arpt_standard_target) { if (!standard_check(t, size)) { ret = -EINVAL; @@ -490,16 +495,16 @@ static inline int check_entry(struct arpt_entry *e, const char *name, unsigned i t->u.target_size - sizeof(*t), e->comefrom)) { - module_put(t->u.kernel.target->me); duprintf("arp_tables: check failed for `%s'.\n", t->u.kernel.target->name); ret = -EINVAL; - goto out; + goto err; } (*i)++; return 0; - +err: + module_put(t->u.kernel.target->me); out: return ret; } |