Skip to content

Commit

Permalink
[NETFILTER]: ipt action: use xt_check_target for basic verification
Browse files Browse the repository at this point in the history
The targets don't do the basic verification themselves anymore so
the ipt action needs to take care of it.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Patrick McHardy authored and David S. Miller committed Apr 25, 2006
1 parent 91536b7 commit 18118cd
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions net/sched/act_ipt.c
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,11 @@ ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int hook)
DPRINTK("ipt_init_target: found %s\n", target->name);
t->u.kernel.target = target;

ret = xt_check_target(target, AF_INET, t->u.target_size - sizeof(*t),
table, hook, 0, 0);
if (ret)
return ret;

if (t->u.kernel.target->checkentry
&& !t->u.kernel.target->checkentry(table, NULL,
t->u.kernel.target, t->data,
Expand Down

0 comments on commit 18118cd

Please sign in to comment.