[server] fix 'Use of untrusted string value' bug found by Coverity
author Michael Rash <mbr@cipherdyne.org>
Sun, 9 Jun 2013 18:28:17 +0000 (14:28 -0400)
committer Michael Rash <mbr@cipherdyne.org>
Sun, 9 Jun 2013 18:28:17 +0000 (14:28 -0400)
commit 7a1bdea5140de8791d22125fca8a5b6eb50619ec
tree de032820dac5cb7a99285d89b7af3883adff3ce0
parent f491c4169758a400b70ed5ccfd997a36354fe75f
[server] fix 'Use of untrusted string value' bug found by Coverity

This commit changes iptables policy parsing to re-use rule_exists() for fwknop
jump rule detection instead of using sscanf() against iptables policy list
output.  Also, fwknop jump rules are now deleted from iptables policies in a
loop to ensure all are removed even if there are duplicates (even though this
should not happen under normal circumstances anyway).
server/fw_util.h
server/fw_util_iptables.c
server/fw_util_iptables.h
test/conf/custom_input_chain_fwknopd.conf [new file with mode: 0644]
test/conf/custom_nat_chain_fwknopd.conf [new file with mode: 0644]
test/test-fwknop.pl
test/tests/rijndael_hmac.pl
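
The commit message describes two ideas: detecting a jump rule with an existence check rather than scanning listing text into buffers, and deleting in a loop so duplicates do not survive. The sketch below is an added example, not fwknop's code: the in-memory `struct chain`, the helper names and the `EXAMPLE_JUMP` target are all hypothetical stand-ins for a real iptables chain.

```c
#include <stdio.h>
#include <string.h>

#define MAX_RULES  16
#define MAX_TARGET 32

/* Hypothetical in-memory stand-in for one iptables chain (constructed). */
struct chain {
    char targets[MAX_RULES][MAX_TARGET];  /* jump target of each rule */
    int  count;
};

/* Existence check by exact comparison: nothing from the rule listing is
 * scanned into a caller-supplied buffer. Returns the index or -1. */
static int jump_rule_index(const struct chain *c, const char *target)
{
    for (int i = 0; i < c->count; i++)
        if (strncmp(c->targets[i], target, MAX_TARGET) == 0)
            return i;
    return -1;
}

/* Remove one rule by index, shifting any later rules up. */
static void delete_rule(struct chain *c, int idx)
{
    if (idx < c->count - 1)
        memmove(c->targets[idx], c->targets[idx + 1],
                (size_t)(c->count - idx - 1) * MAX_TARGET);
    c->count--;
}

/* Delete every jump to `target`, re-checking after each delete so that
 * duplicates are removed too. The loop is capped at MAX_RULES passes so a
 * chain that never reports "absent" cannot spin forever.
 * Returns the number of rules removed. */
int delete_all_jump_rules(struct chain *c, const char *target)
{
    int removed = 0, idx;
    for (int tries = 0; tries < MAX_RULES; tries++) {
        if ((idx = jump_rule_index(c, target)) < 0)
            break;
        delete_rule(c, idx);
        removed++;
    }
    return removed;
}

int main(void)
{
    /* Constructed policy: the same jump rule appears twice. */
    struct chain input = { { "EXAMPLE_JUMP", "ACCEPT", "EXAMPLE_JUMP", "DROP" }, 4 };
    int removed = delete_all_jump_rules(&input, "EXAMPLE_JUMP");
    printf("removed %d, %d rules left\n", removed, input.count);
    return 0;
}
```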