options: redirects: Fix possible buffer overflows

[project/firewall3.git] / iptables.c

diff --git a/iptables.c b/iptables.c
index d8482399dbaa85f611f6720aaae1d29727b0bf17..a095621dc30873a2cb068d2ace6e59bc0d111e97 100644 (file)
--- a/iptables.c
+++ b/iptables.c
@@ -899,7 +899,7 @@ fw3_ipt_rule_sport_dport(struct fw3_ipt_rule *r,
                if (sp->port_min == sp->port_max)
                        sprintf(buf, "%u", sp->port_min);
                else
-                       sprintf(buf, "%u:%u", sp->port_min, sp->port_max);
+                       snprintf(buf, sizeof(buf), "%u:%u", sp->port_min, sp->port_max);
 
                fw3_ipt_rule_addarg(r, sp->invert, "--sport", buf);
        }
@@ -909,7 +909,7 @@ fw3_ipt_rule_sport_dport(struct fw3_ipt_rule *r,
                if (dp->port_min == dp->port_max)
                        sprintf(buf, "%u", dp->port_min);
                else
-                       sprintf(buf, "%u:%u", dp->port_min, dp->port_max);
+                       snprintf(buf, sizeof(buf), "%u:%u", dp->port_min, dp->port_max);
 
                fw3_ipt_rule_addarg(r, dp->invert, "--dport", buf);
        }
@@ -955,7 +955,7 @@ fw3_ipt_rule_icmptype(struct fw3_ipt_rule *r, struct fw3_icmptype *icmp)
                if (icmp->code6_min == 0 && icmp->code6_max == 0xFF)
                        sprintf(buf, "%u", icmp->type6);
                else
-                       sprintf(buf, "%u/%u", icmp->type6, icmp->code6_min);
+                       snprintf(buf, sizeof(buf), "%u/%u", icmp->type6, icmp->code6_min);
 
                fw3_ipt_rule_addarg(r, icmp->invert, "--icmpv6-type", buf);
        }
@@ -965,7 +965,7 @@ fw3_ipt_rule_icmptype(struct fw3_ipt_rule *r, struct fw3_icmptype *icmp)
                if (icmp->code_min == 0 && icmp->code_max == 0xFF)
                        sprintf(buf, "%u", icmp->type);
                else
-                       sprintf(buf, "%u/%u", icmp->type, icmp->code_min);
+                       snprintf(buf, sizeof(buf), "%u/%u", icmp->type, icmp->code_min);
 
                fw3_ipt_rule_addarg(r, icmp->invert, "--icmp-type", buf);
        }
@@ -1025,6 +1025,16 @@ fw3_ipt_rule_ipset(struct fw3_ipt_rule *r, struct fw3_setmatch *match)
        fw3_ipt_rule_addarg(r, false, buf, NULL);
 }
 
+void
+fw3_ipt_rule_helper(struct fw3_ipt_rule *r, struct fw3_cthelpermatch *match)
+{
+       if (!match || !match->set || !match->ptr)
+               return;
+
+       fw3_ipt_rule_addarg(r, false, "-m", "helper");
+       fw3_ipt_rule_addarg(r, match->invert, "--helper", match->ptr->name);
+}
+
 void
 fw3_ipt_rule_time(struct fw3_ipt_rule *r, struct fw3_time *time)
 {
@@ -1130,6 +1140,20 @@ fw3_ipt_rule_mark(struct fw3_ipt_rule *r, struct fw3_mark *mark)
        fw3_ipt_rule_addarg(r, mark->invert, "--mark", buf);
 }
 
+void
+fw3_ipt_rule_dscp(struct fw3_ipt_rule *r, struct fw3_dscp *dscp)
+{
+       char buf[sizeof("0xFF\0")];
+
+       if (!dscp || !dscp->set)
+               return;
+
+       sprintf(buf, "0x%x", dscp->dscp);
+
+       fw3_ipt_rule_addarg(r, false, "-m", "dscp");
+       fw3_ipt_rule_addarg(r, dscp->invert, "--dscp", buf);
+}
+
 void
 fw3_ipt_rule_comment(struct fw3_ipt_rule *r, const char *fmt, ...)
 {
@@ -1413,7 +1437,7 @@ rule_mask(struct fw3_ipt_rule *r)
                        p += SZ(ip6t_entry_match) + m->match->size;
                }
 
-               memset(p, 0xFF, SZ(ip6t_entry_target) + (r->target) ? r->target->userspacesize : 0);
+               memset(p, 0xFF, SZ(ip6t_entry_target) + (r->target ? r->target->userspacesize : 0));
        }
        else
 #endif
@@ -1437,7 +1461,7 @@ rule_mask(struct fw3_ipt_rule *r)
                        p += SZ(ipt_entry_match) + m->match->size;
                }
 
-               memset(p, 0xFF, SZ(ipt_entry_target) + (r->target) ? r->target->userspacesize : 0);
+               memset(p, 0xFF, SZ(ipt_entry_target) + (r->target ? r->target->userspacesize : 0));
        }
 
        return mask;