aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLiping Zhang <liping.zhang@spreadtrum.com>2016-08-28 16:50:46 +0800
committerPablo Neira Ayuso <pablo@netfilter.org>2016-08-30 11:55:49 +0200
commit1d3f29d61b24ae1a41ef9acd3fcbe658a8892b9c (patch)
tree820e09f77321829ff7c32efdfdc914ff8a75e3f4
parent4b791044cd0984c9a1771e86fa77fce9d309d9e7 (diff)
downloadplatform_external_iptables-1d3f29d61b24ae1a41ef9acd3fcbe658a8892b9c.tar.gz
platform_external_iptables-1d3f29d61b24ae1a41ef9acd3fcbe658a8892b9c.tar.bz2
platform_external_iptables-1d3f29d61b24ae1a41ef9acd3fcbe658a8892b9c.zip
extensions: libipt_DNAT/SNAT: fix "OOM" when do translation to nft
When I want to translate SNAT target to nft rule, an error message was printed out: # iptables-translate -A POSTROUTING -j SNAT --to-source 1.1.1.1 iptables-translate v1.6.0: OOM Because ipt_natinfo{} started with a xt_entry_target{}, so when we get the ipt_natinfo pointer, we should use the target itself, not its data pointer. Yes, it is a little tricky and it's different with other targets. Fixes: 7a0992da44cf ("src: introduce struct xt_xlate_{mt,tg}_params") Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--extensions/libipt_DNAT.c2
-rw-r--r--extensions/libipt_SNAT.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index c463f071..78907198 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -265,7 +265,7 @@ static void print_range_xlate(const struct nf_nat_ipv4_range *r,
static int DNAT_xlate(struct xt_xlate *xl,
const struct xt_xlate_tg_params *params)
{
- const struct ipt_natinfo *info = (const void *)params->target->data;
+ const struct ipt_natinfo *info = (const void *)params->target;
unsigned int i = 0;
bool sep_need = false;
const char *sep = " ";
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 71717fd8..5c699d32 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -276,7 +276,7 @@ static void print_range_xlate(const struct nf_nat_ipv4_range *r,
static int SNAT_xlate(struct xt_xlate *xl,
const struct xt_xlate_tg_params *params)
{
- const struct ipt_natinfo *info = (const void *)params->target->data;
+ const struct ipt_natinfo *info = (const void *)params->target;
unsigned int i = 0;
bool sep_need = false;
const char *sep = " ";