iptables/Fix-for-segfault-when-registering-hashlimit-extension.patch

From 37b68b2bc903112a74545c7f4a49c89e889582a9 Mon Sep 17 00:00:00 2001
From: Heena Sirwani <heenasirwani@gmail.com>
Date: Tue, 21 Aug 2018 17:25:56 +0530
Subject: xtables: Fix for segfault when registering hashlimit extension

This patch fixes the crash when registering the hashlimit extension
with xtables during init_extensions(when built with static libs) .
The option validation function xtables_option_metavalidate has a
loop termination condition of the entry name being NULL. The loop
does not terminate when validating hashlimit_mt_opts_v2 which causes
a crash on derefencing an invalid entry.

Signed-off-by: Heena Sirwani <heenasirwani@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
---
 extensions/libxt_hashlimit.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 70bc615b..7d78d852 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -205,6 +205,7 @@ static const struct xt_option_entry hashlimit_mt_opts_v2[] = {
 	{.name = "hashlimit-mode", .id = O_MODE, .type = XTTYPE_STRING},
 	{.name = "hashlimit-name", .id = O_NAME, .type = XTTYPE_STRING,
 	 .flags = XTOPT_MAND | XTOPT_PUT, XTOPT_POINTER(s, name), .min = 1},
+	XTOPT_TABLEEND,
 };
 #undef s
 
-- 
cgit v1.2.1