....

Author: splitice

ipthelper/xshared.c

@@ -248,10 +248,10 @@ int command_default(struct iptables_command_state *cs,
 							m->x6_options,
 							&m->option_offset);
 		else
-			gl->opts = xtables_merge_options(gl->orig_opts,
-						 	 gl->opts,
-						 	 m->extra_opts,
-						 	 &m->option_offset);
+			gl->opts = xs_merge_options(gl->orig_opts,
+							 gl->opts,
+							 m->extra_opts,
+							 &m->option_offset);
 		if (gl->opts == NULL)
 			xtables_error(OTHER_PROBLEM, "can't alloc memory!");
 		xs_validate_new_longopts(gl->opts, merge_start,
@@ -661,7 +661,7 @@ void command_match(struct iptables_command_state *cs)
 					    m->x6_options, &m->option_offset);
 			merged = true;
 		} else if (m->extra_opts != NULL) {
-			opts = xtables_merge_options(xt_params->orig_opts, opts,
+			opts = xs_merge_options(xt_params->orig_opts, opts,
 					     m->extra_opts, &m->option_offset);
 			merged = true;
 		}
@@ -735,7 +735,7 @@ void command_jump(struct iptables_command_state *cs)
 					    &cs->target->option_offset);
 			merged = true;
 		} else if (cs->target->extra_opts != NULL) {
-			opts = xtables_merge_options(xt_params->orig_opts, opts,
+			opts = xs_merge_options(xt_params->orig_opts, opts,
 					     cs->target->extra_opts,
 					     &cs->target->option_offset);
 			merged = true;

ipthelper/xshared.h

@@ -179,5 +179,9 @@ void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags,
 void command_match(struct iptables_command_state *cs);
 const char *xt_parse_target(const char *targetname);
 void command_jump(struct iptables_command_state *cs);
+struct option *xs_merge_options(struct option *orig_opts,
+	struct option *oldopts,
+	const struct option *newopts,
+	unsigned int *option_offset);
 
 #endif /* IPTABLES_XSHARED_H */

ipthelper/xtoptions.c

@@ -128,6 +128,68 @@ xtables_options_xfrm(struct option *orig_opts, struct option *oldopts,
 	return merge;
 }
 
+struct option *
+xs_merge_options(struct option *orig_opts, struct option *oldopts,
+	    const struct option *newopts, unsigned int *option_offset)
+{
+	unsigned int num_orig = 0, num_old = 0, num_new = 0, i;
+	struct option *merge;
+	struct option *mp;
+	struct option *oldbase = oldopts;
+
+	if (newopts == NULL || newopts[0].name == NULL)
+		return oldopts;
+
+	if (orig_opts != NULL)
+		for (; orig_opts[num_orig].name != NULL; ++num_orig)
+			;
+
+	if (oldopts != NULL)
+		for (num_old = 0; oldopts[num_old].name != NULL; ++num_old)
+			;
+
+	for (; newopts[num_new].name != NULL; ++num_new)
+		;
+
+	if (oldopts != NULL && num_old >= num_orig) {
+		oldopts += num_orig;
+		num_old -= num_orig;
+	} else {
+		oldopts = NULL;
+		num_old = 0;
+	}
+
+	merge = malloc(sizeof(*merge) * (num_orig + num_new + num_old + 1));
+	if (merge == NULL)
+		return NULL;
+
+	if (num_orig != 0)
+		memcpy(merge, orig_opts, sizeof(*merge) * num_orig);
+	mp = merge + num_orig;
+
+	xt_params->option_offset += XT_OPTION_OFFSET_SCALE;
+	*option_offset = xt_params->option_offset;
+
+	for (i = 0; i < num_new; ++i, ++mp) {
+		mp->name    = newopts[i].name;
+		mp->has_arg = newopts[i].has_arg;
+		mp->flag    = newopts[i].flag;
+		mp->val     = newopts[i].val + *option_offset;
+	}
+
+	if (oldopts != NULL && num_old != 0) {
+		memcpy(mp, oldopts, sizeof(*mp) * num_old);
+		mp += num_old;
+	}
+
+	memset(mp, 0, sizeof(*mp));
+
+	if (oldbase != NULL && oldbase != xt_params->orig_opts)
+		free(oldbase);
+
+	return merge;
+}
+
 /**
  * Give the upper limit for a certain type.
  */