netfilter: x_tables: check for bogus target offset

[karo-tx-linux.git] / net / ipv4 / netfilter / ip_tables.c

diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 39543d96f617a5899687e3c2fbe6619d8077dafd..fa06250faf7fb2984e396518c8e6c0d5db1af506 100644 (file)
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -587,15 +587,6 @@ static void cleanup_match(struct xt_entry_match *m, struct net *net)
        module_put(par.match->me);
 }
 
-static int
-check_entry(const struct ipt_entry *e)
-{
-       if (!ip_checkentry(&e->ip))
-               return -EINVAL;
-
-       return xt_check_entry_offsets(e, e->target_offset, e->next_offset);
-}
-
 static int
 check_match(struct xt_entry_match *m, struct xt_mtchk_param *par)
 {
@@ -760,7 +751,11 @@ check_entry_size_and_hooks(struct ipt_entry *e,
                return -EINVAL;
        }
 
-       err = check_entry(e);
+       if (!ip_checkentry(&e->ip))
+               return -EINVAL;
+
+       err = xt_check_entry_offsets(e, e->elems, e->target_offset,
+                                    e->next_offset);
        if (err)
                return err;
 
@@ -1515,8 +1510,11 @@ check_compat_entry_size_and_hooks(struct compat_ipt_entry *e,
                return -EINVAL;
        }
 
-       /* For purposes of check_entry casting the compat entry is fine */
-       ret = check_entry((struct ipt_entry *)e);
+       if (!ip_checkentry(&e->ip))
+               return -EINVAL;
+
+       ret = xt_compat_check_entry_offsets(e, e->elems,
+                                           e->target_offset, e->next_offset);
        if (ret)
                return ret;