aboutsummaryrefslogtreecommitdiffstats
path: root/net/bridge
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2006-11-30 19:26:35 -0800
committerDavid S. Miller <davem@sunset.davemloft.net>2006-12-02 21:31:59 -0800
commite4fd77deac764e17cb1eab8661bcf1413204d04d (patch)
tree09387ab5449d3013196df7e269ed2f1fd757f8ca /net/bridge
parent70fe9af47ee01a17fe7486f1739f6eac8a14868b (diff)
downloadkernel_samsung_espresso10-e4fd77deac764e17cb1eab8661bcf1413204d04d.zip
kernel_samsung_espresso10-e4fd77deac764e17cb1eab8661bcf1413204d04d.tar.gz
kernel_samsung_espresso10-e4fd77deac764e17cb1eab8661bcf1413204d04d.tar.bz2
[EBTABLES]: Move more stuff into ebt_verify_pointers().
Take intialization of ->hook_entry[...], ->entries_size and ->nentries over there, pull the check for empty chains into the end of that sucker. Now it's self-contained, so we can move it up in the very beginning of translate_table() *and* we can rely on ->hook_entry[] being properly transliterated after it. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bridge')
-rw-r--r--net/bridge/netfilter/ebtables.c38
1 files changed, 19 insertions, 19 deletions
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 2eba40f..7ce190c 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -401,6 +401,12 @@ static int ebt_verify_pointers(struct ebt_replace *repl,
unsigned int offset = 0;
int i;
+ for (i = 0; i < NF_BR_NUMHOOKS; i++)
+ newinfo->hook_entry[i] = NULL;
+
+ newinfo->entries_size = repl->entries_size;
+ newinfo->nentries = repl->nentries;
+
while (offset < limit) {
size_t left = limit - offset;
struct ebt_entry *e = (void *)newinfo->entries + offset;
@@ -440,6 +446,15 @@ static int ebt_verify_pointers(struct ebt_replace *repl,
BUGPRINT("entries_size too small\n");
return -EINVAL;
}
+
+ /* check if all valid hooks have a chain */
+ for (i = 0; i < NF_BR_NUMHOOKS; i++) {
+ if (!newinfo->hook_entry[i] &&
+ (valid_hooks & (1 << i))) {
+ BUGPRINT("Valid hook without chain\n");
+ return -EINVAL;
+ }
+ }
return 0;
}
@@ -772,6 +787,10 @@ static int translate_table(struct ebt_replace *repl,
int ret;
struct ebt_cl_stack *cl_s = NULL; /* used in the checking for chain loops */
+ ret = ebt_verify_pointers(repl, newinfo);
+ if (ret != 0)
+ return ret;
+
i = 0;
while (i < NF_BR_NUMHOOKS && !(repl->valid_hooks & (1 << i)))
i++;
@@ -795,16 +814,6 @@ static int translate_table(struct ebt_replace *repl,
i = j;
}
- for (i = 0; i < NF_BR_NUMHOOKS; i++)
- newinfo->hook_entry[i] = NULL;
-
- newinfo->entries_size = repl->entries_size;
- newinfo->nentries = repl->nentries;
-
- ret = ebt_verify_pointers(repl, newinfo);
- if (ret != 0)
- return ret;
-
/* do some early checkings and initialize some things */
i = 0; /* holds the expected nr. of entries for the chain */
j = 0; /* holds the up to now counted entries for the chain */
@@ -829,15 +838,6 @@ static int translate_table(struct ebt_replace *repl,
return -EINVAL;
}
- /* check if all valid hooks have a chain */
- for (i = 0; i < NF_BR_NUMHOOKS; i++) {
- if (newinfo->hook_entry[i] == NULL &&
- (repl->valid_hooks & (1 << i))) {
- BUGPRINT("Valid hook without chain\n");
- return -EINVAL;
- }
- }
-
/* get the location of the udc, put them in an array
while we're at it, allocate the chainstack */
if (udc_cnt) {