Commit aded9f3e authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso

netfilter: x_tables: remove obsolete check

Since 'netfilter: x_tables: validate targets of jumps' change we
validate that the target aligns exactly with beginning of a rule,
so offset test is now redundant.
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 95609155
...@@ -461,14 +461,6 @@ static int mark_source_chains(const struct xt_table_info *newinfo, ...@@ -461,14 +461,6 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
if (strcmp(t->target.u.user.name, if (strcmp(t->target.u.user.name,
XT_STANDARD_TARGET) == 0 && XT_STANDARD_TARGET) == 0 &&
newpos >= 0) { newpos >= 0) {
if (newpos > newinfo->size -
sizeof(struct arpt_entry)) {
duprintf("mark_source_chains: "
"bad verdict (%i)\n",
newpos);
return 0;
}
/* This a jump; chase it. */ /* This a jump; chase it. */
duprintf("Jump rule %u -> %u\n", duprintf("Jump rule %u -> %u\n",
pos, newpos); pos, newpos);
......
...@@ -542,13 +542,6 @@ mark_source_chains(const struct xt_table_info *newinfo, ...@@ -542,13 +542,6 @@ mark_source_chains(const struct xt_table_info *newinfo,
if (strcmp(t->target.u.user.name, if (strcmp(t->target.u.user.name,
XT_STANDARD_TARGET) == 0 && XT_STANDARD_TARGET) == 0 &&
newpos >= 0) { newpos >= 0) {
if (newpos > newinfo->size -
sizeof(struct ipt_entry)) {
duprintf("mark_source_chains: "
"bad verdict (%i)\n",
newpos);
return 0;
}
/* This a jump; chase it. */ /* This a jump; chase it. */
duprintf("Jump rule %u -> %u\n", duprintf("Jump rule %u -> %u\n",
pos, newpos); pos, newpos);
......
...@@ -554,13 +554,6 @@ mark_source_chains(const struct xt_table_info *newinfo, ...@@ -554,13 +554,6 @@ mark_source_chains(const struct xt_table_info *newinfo,
if (strcmp(t->target.u.user.name, if (strcmp(t->target.u.user.name,
XT_STANDARD_TARGET) == 0 && XT_STANDARD_TARGET) == 0 &&
newpos >= 0) { newpos >= 0) {
if (newpos > newinfo->size -
sizeof(struct ip6t_entry)) {
duprintf("mark_source_chains: "
"bad verdict (%i)\n",
newpos);
return 0;
}
/* This a jump; chase it. */ /* This a jump; chase it. */
duprintf("Jump rule %u -> %u\n", duprintf("Jump rule %u -> %u\n",
pos, newpos); pos, newpos);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment