From 18118cdbfd1f855e09ee511d764d6c9df3d4f952 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Mon, 24 Apr 2006 17:18:59 -0700 Subject: [PATCH] [NETFILTER]: ipt action: use xt_check_target for basic verification The targets don't do the basic verification themselves anymore so the ipt action needs to take care of it. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/sched/act_ipt.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c index 6056d20..37640c6 100644 --- a/net/sched/act_ipt.c +++ b/net/sched/act_ipt.c @@ -69,6 +69,11 @@ ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int hook) DPRINTK("ipt_init_target: found %s\n", target->name); t->u.kernel.target = target; + ret = xt_check_target(target, AF_INET, t->u.target_size - sizeof(*t), + table, hook, 0, 0); + if (ret) + return ret; + if (t->u.kernel.target->checkentry && !t->u.kernel.target->checkentry(table, NULL, t->u.kernel.target, t->data, -- 2.7.4