X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=net%2Fnetfilter%2Fxt_string.c;fp=net%2Fnetfilter%2Fxt_string.c;h=7c7d5c8807d6ce458e21e636a9ac5af92ddf705d;hb=64ba3f394c830ec48a1c31b53dcae312c56f1604;hp=275330fcdaaab9dfebba281e3baf5e80671c884c;hpb=be1e6109ac94a859551f8e1774eb9a8469fe055c;p=linux-2.6.git

diff --git a/net/netfilter/xt_string.c b/net/netfilter/xt_string.c
index 275330fcd..7c7d5c880 100644
--- a/net/netfilter/xt_string.c
+++ b/net/netfilter/xt_string.c
@@ -24,27 +24,25 @@ MODULE_ALIAS("ip6t_string");
 static int match(const struct sk_buff *skb,
 		 const struct net_device *in,
 		 const struct net_device *out,
-		 const struct xt_match *match,
 		 const void *matchinfo,
 		 int offset,
 		 unsigned int protoff,
 		 int *hotdrop)
 {
-	const struct xt_string_info *conf = matchinfo;
 	struct ts_state state;
+	struct xt_string_info *conf = (struct xt_string_info *) matchinfo;
 
 	memset(&state, 0, sizeof(struct ts_state));
 
 	return (skb_find_text((struct sk_buff *)skb, conf->from_offset, 
 			     conf->to_offset, conf->config, &state) 
-			     != UINT_MAX) ^ conf->invert;
+			     != UINT_MAX) && !conf->invert;
 }
 
 #define STRING_TEXT_PRIV(m) ((struct xt_string_info *) m)
 
 static int checkentry(const char *tablename,
 		      const void *ip,
-		      const struct xt_match *match,
 		      void *matchinfo,
 		      unsigned int matchsize,
 		      unsigned int hook_mask)
@@ -52,13 +50,13 @@ static int checkentry(const char *tablename,
 	struct xt_string_info *conf = matchinfo;
 	struct ts_config *ts_conf;
 
+	if (matchsize != XT_ALIGN(sizeof(struct xt_string_info)))
+		return 0;
+
 	/* Damn, can't handle this case properly with iptables... */
 	if (conf->from_offset > conf->to_offset)
 		return 0;
-	if (conf->algo[XT_STRING_MAX_ALGO_NAME_SIZE - 1] != '\0')
-	    	return 0;
-	if (conf->patlen > XT_STRING_MAX_PATTERN_SIZE)
-		return 0;
+
 	ts_conf = textsearch_prepare(conf->algo, conf->pattern, conf->patlen,
 				     GFP_KERNEL, TS_AUTOLOAD);
 	if (IS_ERR(ts_conf))
@@ -69,8 +67,7 @@ static int checkentry(const char *tablename,
 	return 1;
 }
 
-static void destroy(const struct xt_match *match, void *matchinfo,
-		    unsigned int matchsize)
+static void destroy(void *matchinfo, unsigned int matchsize)
 {
 	textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config);
 }
@@ -78,41 +75,37 @@ static void destroy(const struct xt_match *match, void *matchinfo,
 static struct xt_match string_match = {
 	.name 		= "string",
 	.match 		= match,
-	.matchsize	= sizeof(struct xt_string_info),
 	.checkentry	= checkentry,
 	.destroy 	= destroy,
-	.family		= AF_INET,
 	.me 		= THIS_MODULE
 };
 static struct xt_match string6_match = {
 	.name 		= "string",
 	.match 		= match,
-	.matchsize	= sizeof(struct xt_string_info),
 	.checkentry	= checkentry,
 	.destroy 	= destroy,
-	.family		= AF_INET6,
 	.me 		= THIS_MODULE
 };
 
-static int __init xt_string_init(void)
+static int __init init(void)
 {
 	int ret;
 
-	ret = xt_register_match(&string_match);
+	ret = xt_register_match(AF_INET, &string_match);
 	if (ret)
 		return ret;
-	ret = xt_register_match(&string6_match);
+	ret = xt_register_match(AF_INET6, &string6_match);
 	if (ret)
-		xt_unregister_match(&string_match);
+		xt_unregister_match(AF_INET, &string_match);
 
 	return ret;
 }
 
-static void __exit xt_string_fini(void)
+static void __exit fini(void)
 {
-	xt_unregister_match(&string_match);
-	xt_unregister_match(&string6_match);
+	xt_unregister_match(AF_INET, &string_match);
+	xt_unregister_match(AF_INET6, &string6_match);
 }
 
-module_init(xt_string_init);
-module_exit(xt_string_fini);
+module_init(init);
+module_exit(fini);