iptables plugin: Fix a segfault when a comment is passed in the configuration.

author Florian Forster <octo@leeloo.lan.home.verplant.org>

Wed, 6 Jun 2007 15:35:46 +0000 (17:35 +0200)

committer Florian Forster <octo@leeloo.lan.home.verplant.org>

Wed, 6 Jun 2007 15:35:46 +0000 (17:35 +0200)
author Florian Forster <octo@leeloo.lan.home.verplant.org>
Wed, 6 Jun 2007 15:35:46 +0000 (17:35 +0200)
committer Florian Forster <octo@leeloo.lan.home.verplant.org>
Wed, 6 Jun 2007 15:35:46 +0000 (17:35 +0200)
diff --git a/src/iptables.c b/src/iptables.c

index c48199ad26c7d7059b105160e695e36b4b71d2ea..8dc571095fa9387e8504666fe8dfd9b58855e999 100644 (file)
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -152,8 +152,12 @@ static int iptables_config (const char *key, const char *value)
                     }
                     else
                     {
-                       strncpy (temp.rule.comment, comment,
-                               sizeof (temp.rule.comment) - 1);
+                       temp.rule.comment = strdup (comment);
+                       if (temp.rule.comment == NULL)
+                       {
+                           free (value_copy);
+                           return (1);
+                       }
                         temp.rule_type = RTYPE_COMMENT;
                     }
                 }
@@ -336,6 +340,10 @@ static int iptables_shutdown (void)
  
      for (i = 0; i < chain_num; i++)
      {
+       if ((chain_list[i] != NULL) && (chain_list[i]->rule_type == RTYPE_COMMENT))
+       {
+           sfree (chain_list[i]->rule.comment);
+       }
         sfree (chain_list[i]);
      }
      sfree (chain_list);
author	Florian Forster <octo@leeloo.lan.home.verplant.org>
	Wed, 6 Jun 2007 15:35:46 +0000 (17:35 +0200)
committer	Florian Forster <octo@leeloo.lan.home.verplant.org>
	Wed, 6 Jun 2007 15:35:46 +0000 (17:35 +0200)