iptables/patches/iptables-1.8.9-format-security.patch

https://git.netfilter.org/iptables/commit/?id=ed4082a7405a5838c205a34c1559e289949200cc

From ed4082a7405a5838c205a34c1559e289949200cc Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 12 Jan 2023 14:38:44 +0100
Subject: extensions: NAT: Fix for -Werror=format-security

Have to pass either a string literal or format string to xt_xlate_add().

Fixes: f30c5edce0413 ("extensions: Merge SNAT, DNAT, REDIRECT and MASQUERADE")
Signed-off-by: Phil Sutter <phil@nwl.cc>
--- a/extensions/libxt_NAT.c
+++ b/extensions/libxt_NAT.c
@@ -424,7 +424,7 @@ __NAT_xlate(struct xt_xlate *xl, const struct nf_nat_range2 *r,
 	if (r->flags & NF_NAT_RANGE_PROTO_OFFSET)
 		return 0;
 
-	xt_xlate_add(xl, tgt);
+	xt_xlate_add(xl, "%s", tgt);
 	if (strlen(range_str))
 		xt_xlate_add(xl, " to %s", range_str);
 	if (r->flags & NF_NAT_RANGE_PROTO_RANDOM) {
-- 
cgit v1.2.3


1	https://git.netfilter.org/iptables/commit/?id=ed4082a7405a5838c205a34c1559e289949200cc
2
3	From ed4082a7405a5838c205a34c1559e289949200cc Mon Sep 17 00:00:00 2001
4	From: Phil Sutter <phil@nwl.cc>
5	Date: Thu, 12 Jan 2023 14:38:44 +0100
6	Subject: extensions: NAT: Fix for -Werror=format-security
7
8	Have to pass either a string literal or format string to xt_xlate_add().
9
10	Fixes: f30c5edce0413 ("extensions: Merge SNAT, DNAT, REDIRECT and MASQUERADE")
11	Signed-off-by: Phil Sutter <phil@nwl.cc>
12	--- a/extensions/libxt_NAT.c
13	+++ b/extensions/libxt_NAT.c
14	@@ -424,7 +424,7 @@ __NAT_xlate(struct xt_xlate xl, const struct nf_nat_range2 r,
15	if (r->flags & NF_NAT_RANGE_PROTO_OFFSET)
16	return 0;
17
18	- xt_xlate_add(xl, tgt);
19	+ xt_xlate_add(xl, "%s", tgt);
20	if (strlen(range_str))
21	xt_xlate_add(xl, " to %s", range_str);
22	if (r->flags & NF_NAT_RANGE_PROTO_RANDOM) {
23	--
24	cgit v1.2.3
25
26