From 5d04bff096180f032de8b9b12153a8a1b4009b8d Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Mon, 20 Mar 2006 18:01:58 -0800
Subject: [NETFILTER]: Convert x_tables matches/targets to centralized error
 checking

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
---
 net/netfilter/xt_limit.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'net/netfilter/xt_limit.c')

diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c
index 15e40506bc3a..dec3f02a9834 100644
--- a/net/netfilter/xt_limit.c
+++ b/net/netfilter/xt_limit.c
@@ -113,9 +113,6 @@ ipt_limit_checkentry(const char *tablename,
 {
 	struct xt_rateinfo *r = matchinfo;
 
-	if (matchsize != XT_ALIGN(sizeof(struct xt_rateinfo)))
-		return 0;
-
 	/* Check for overflow. */
 	if (r->burst == 0
 	    || user2credits(r->avg * r->burst) < user2credits(r->avg)) {
@@ -140,12 +137,14 @@ ipt_limit_checkentry(const char *tablename,
 static struct xt_match ipt_limit_reg = {
 	.name		= "limit",
 	.match		= ipt_limit_match,
+	.matchsize	= sizeof(struct xt_rateinfo),
 	.checkentry	= ipt_limit_checkentry,
 	.me		= THIS_MODULE,
 };
 static struct xt_match limit6_reg = {
 	.name		= "limit",
 	.match		= ipt_limit_match,
+	.matchsize	= sizeof(struct xt_rateinfo),
 	.checkentry	= ipt_limit_checkentry,
 	.me		= THIS_MODULE,
 };
-- 
cgit v1.2.3