Browse code
Improve "--version" detection.
| ... | ... |
@@ -44,6 +44,7 @@ int execv(const char *filename, char *const *argv) {
|
| 44 | 44 |
|
| 45 | 45 |
int execve(const char *filename, char *const *argv, char *const *envp) {
|
| 46 | 46 |
char *error_string; |
| 47 |
+ unsigned int arg_index; |
|
| 47 | 48 |
|
| 48 | 49 |
/* Ask the linker to provide us with the actual execve symbol: */ |
| 49 | 50 |
if (!actual_execve) {
|
| ... | ... |
@@ -68,11 +69,13 @@ int execve(const char *filename, char *const *argv, char *const *envp) {
|
| 68 | 69 |
dprintf(2, "OMG it's calling %s!\n", filename); |
| 69 | 70 |
#endif |
| 70 | 71 |
/* Do not interfere when libvirtd tries to run iptables --version: */ |
| 71 |
- if (argv[0] && argv[1] && !strncmp(argv[1], "--version", 10)) {
|
|
| 72 |
+ for (arg_index = 0; argv[arg_index]; ++ arg_index) {
|
|
| 73 |
+ if (!strncmp(argv[arg_index], "--version", 10) || !strncmp(argv[arg_index], "-V", 3)) {
|
|
| 72 | 74 |
#ifdef NOIPTABLES_DEBUG |
| 73 |
- dprintf(2, "Oh, it's ok, it's just calling %s --version.\n", filename); |
|
| 75 |
+ dprintf(2, "Oh, it's ok, it's just calling %s --version.\n", filename); |
|
| 74 | 76 |
#endif |
| 75 |
- goto let_it_go; |
|
| 77 |
+ goto let_it_go; |
|
| 78 |
+ } |
|
| 76 | 79 |
} |
| 77 | 80 |
/* Refuse to run the program: */ |
| 78 | 81 |
return actual_execve(noexec_filename, noexec_argv, noexec_envp); |