thr3ads.net - netfilter buglog - [Bug 643] New: Inconsistent target length requirements for chain names and jump/goto targets [Mar 2010]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at bugzilla.netfilter.org

2010-Mar-31 08:11 UTC

[Bug 643] New: Inconsistent target length requirements for chain names and jump/goto targets

http://bugzilla.netfilter.org/show_bug.cgi?id=643

           Summary: Inconsistent target length requirements for chain names
                    and jump/goto targets
           Product: iptables
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P1
         Component: iptables
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: aldem-iptbugs at aldem.net


According to documentation, maximum chain name length should be below 30
characters.

However, while "iptables -N" and iptables-restore allows creation of
chains
with name length 29, jump or goto targets only accept 27 characters.

What is worse, providing target name of length more than 27 characters to
jump/goto targets (target chain must exists) causes buffer overflow when
invoking iptables-restore or iptables -j.

This was tested on most recent (production) version of iptables distributed
with Fedora 12 (1.4.5).

To reproduce, perform:

iptables -N 012345678901234567890123456789
iptables -A FORWARD -j 0123456789001234567890123456789 # Buffer overflow
iptables -A FORWARD -j 012345678900123456789012345678 # Buffer overflow
iptables -A FORWARD -j 01234567890012345678901234567 # OK


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

bugzilla-daemon at bugzilla.netfilter.org

2010-Mar-31 08:40 UTC

head link

[Bug 643] Inconsistent target length requirements for chain names and jump/goto targets

http://bugzilla.netfilter.org/show_bug.cgi?id=643


aldem-iptbugs at aldem.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aldem-iptbugs at aldem.net




-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

netfilter buglog - Mar 2010 - [Bug 643] New: Inconsistent target length requirements for chain names and jump/goto targets

[Bug 643] New: Inconsistent target length requirements for chain names and jump/goto targets

[Bug 643] Inconsistent target length requirements for chain names and jump/goto targets