netfilter: nft_compat: use the match->table to validate dependencies

Instead of the match->name, which is of course not relevant.

Fixes: f3f5dde ("netfilter: nft_compat: validate chain type in match/target")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2014-11-10 19:08:21 +01:00
parent c918687f5e
commit afefb6f928

View File

@ -346,7 +346,7 @@ nft_match_init(const struct nft_ctx *ctx, const struct nft_expr *expr,
union nft_entry e = {}; union nft_entry e = {};
int ret; int ret;
ret = nft_compat_chain_validate_dependency(match->name, ctx->chain); ret = nft_compat_chain_validate_dependency(match->table, ctx->chain);
if (ret < 0) if (ret < 0)
goto err; goto err;
@ -420,7 +420,7 @@ static int nft_match_validate(const struct nft_ctx *ctx,
if (!(hook_mask & match->hooks)) if (!(hook_mask & match->hooks))
return -EINVAL; return -EINVAL;
ret = nft_compat_chain_validate_dependency(match->name, ret = nft_compat_chain_validate_dependency(match->table,
ctx->chain); ctx->chain);
if (ret < 0) if (ret < 0)
return ret; return ret;