diff --git a/extensions/libxt_condition.c b/extensions/libxt_condition.c index 4189926..ed4fd32 100644 --- a/extensions/libxt_condition.c +++ b/extensions/libxt_condition.c @@ -31,8 +31,8 @@ static int condition_parse(int c, char **argv, int invert, unsigned int *flags, check_inverse(optarg, &invert, &optind, 0); - if (strlen(argv[optind - 1]) < CONDITION_NAME_LEN) - strcpy(info->name, argv[optind - 1]); + if (strlen(optarg) < sizeof(info->name)) + strcpy(info->name, optarg); else exit_error(PARAMETER_PROBLEM, "File name too long"); diff --git a/extensions/xt_condition.c b/extensions/xt_condition.c index c68052b..bb37534 100644 --- a/extensions/xt_condition.c +++ b/extensions/xt_condition.c @@ -136,27 +136,18 @@ condition_mt_check(const char *tablename, const void *entry, const struct xt_match *match, void *matchinfo, unsigned int hook_mask) { - static const char * const forbidden_names[]={ "", ".", ".." }; const struct xt_condition_mtinfo *info = matchinfo; struct list_head *pos; struct condition_variable *var, *newvar; - int i; - - /* We don't want a '/' in a proc file name. */ - for (i=0; i < CONDITION_NAME_LEN && info->name[i] != '\0'; i++) - if (info->name[i] == '/') - return false; - - /* We can't handle file names longer than CONDITION_NAME_LEN and */ - /* we want a NULL terminated string. */ - if (i == CONDITION_NAME_LEN) + /* Forbid certain names */ + if (*info->name == '\0' || *info->name == '.' || + info->name[sizeof(info->name)-1] != '\0' || + memchr(info->name, '/', sizeof(info->name)) != NULL) { + printk(KERN_INFO KBUILD_MODNAME ": name not allowed or too " + "long: \"%.*s\"\n", sizeof(info->name), info->name); return false; - - /* We don't want certain reserved names. */ - for (i=0; i < sizeof(forbidden_names)/sizeof(char *); i++) - if(strcmp(info->name, forbidden_names[i])==0) - return false; + } /* Let's acquire the lock, check for the condition and add it */ /* or increase the reference counter. */