xref: /third_party/iptables/backport-extensions-libipt_ttl-Sanitize-xlate-callback.patch

From 800bed28b2b7bbd931166c7426640ae619f03342 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 16 Nov 2022 13:09:16 +0100
Subject: [PATCH] extensions: libipt_ttl: Sanitize xlate callback

Catch unexpected values in info->mode, also fix indenting.

Conflict: NA
Reference: https://git.netfilter.org/iptables/commit?id=800bed28b2b7bbd931166c7426640ae619f03342

Fixes: 1b320a1a1dc1f ("extensions: libipt_ttl: Add translation to nft")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 extensions/libipt_ttl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index 6bdd2196..86ba554e 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -106,7 +106,7 @@ static int ttl_xlate(struct xt_xlate *xl,
 	const struct ipt_ttl_info *info =
 		(struct ipt_ttl_info *) params->match->data;

-		switch (info->mode) {
+	switch (info->mode) {
 		case IPT_TTL_EQ:
 			xt_xlate_add(xl, "ip ttl");
 			break;
@@ -121,7 +121,7 @@ static int ttl_xlate(struct xt_xlate *xl,
 			break;
 		default:
 			/* Should not happen. */
-			break;
+			return 0;
 	}

 	xt_xlate_add(xl, " %u", info->ttl);
--
2.23.0