| From 907e429d7548157016cd51aba4adc5d0c7d9f816 Mon Sep 17 00:00:00 2001 |
| From: =?UTF-8?q?Adam=20Go=C5=82=C4=99biowski?= <adamg@pld-linux.org> |
| Date: Wed, 14 Nov 2018 07:35:28 +0100 |
| Subject: extensions: format-security fixes in libip[6]t_icmp |
| MIME-Version: 1.0 |
| Content-Type: text/plain; charset=UTF-8 |
| Content-Transfer-Encoding: 8bit |
| |
| commit 61d6c3834de3 ("xtables: add 'printf' attribute to xlate_add") |
| introduced support for gcc feature to check format string against passed |
| argument. This commit adds missing bits to extenstions's libipt_icmp.c |
| and libip6t_icmp6.c that were causing build to fail. |
| |
| Fixes: 61d6c3834de3 ("xtables: add 'printf' attribute to xlate_add") |
| Signed-off-by: Adam Gołębiowski <adamg@pld-linux.org> |
| Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |
| |
| Upstream-Status: Backport |
| --- |
| extensions/libip6t_icmp6.c | 4 ++-- |
| extensions/libipt_icmp.c | 2 +- |
| 2 files changed, 3 insertions(+), 3 deletions(-) |
| |
| diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c |
| index 45a71875..cc7bfaeb 100644 |
| --- a/extensions/libip6t_icmp6.c |
| +++ b/extensions/libip6t_icmp6.c |
| @@ -230,7 +230,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, |
| type_name = icmp6_type_xlate(icmptype); |
| |
| if (type_name) { |
| - xt_xlate_add(xl, type_name); |
| + xt_xlate_add(xl, "%s", type_name); |
| } else { |
| for (i = 0; i < ARRAY_SIZE(icmpv6_codes); ++i) |
| if (icmpv6_codes[i].type == icmptype && |
| @@ -239,7 +239,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, |
| break; |
| |
| if (i != ARRAY_SIZE(icmpv6_codes)) |
| - xt_xlate_add(xl, icmpv6_codes[i].name); |
| + xt_xlate_add(xl, "%s", icmpv6_codes[i].name); |
| else |
| return 0; |
| } |
| diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c |
| index 54189976..e76257c5 100644 |
| --- a/extensions/libipt_icmp.c |
| +++ b/extensions/libipt_icmp.c |
| @@ -236,7 +236,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, |
| if (icmp_codes[i].type == icmptype && |
| icmp_codes[i].code_min == code_min && |
| icmp_codes[i].code_max == code_max) { |
| - xt_xlate_add(xl, icmp_codes[i].name); |
| + xt_xlate_add(xl, "%s", icmp_codes[i].name); |
| return 1; |
| } |
| } |
| -- |
| cgit v1.2.1 |
| |