Patchwork [libnftables,1/5] src: rule: small fix XML output

login
register
mail settings
Submitter Arturo Borrero
Date April 10, 2013, 4:39 p.m.
Message ID <20130410163957.6303.44318.stgit@nfdev.cica.es>
Download mbox | patch
Permalink /patch/235417/
State RFC
Headers show

Comments

Arturo Borrero - April 10, 2013, 4:39 p.m.
This patch aplies two fixes:
	* snprintf XML output offset for rule.
	* add XML <flags> node, missing in previous patches.

The <flags> node will be used for parsing a rule in XML.

Signed-off-by: Arturo Borrero González <arturo.borrero.glez@gmail.com>
---
 src/rule.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Pablo Neira - April 18, 2013, 11:32 p.m.
Hi Arturo,

On Wed, Apr 10, 2013 at 06:39:57PM +0200, Arturo Borrero wrote:
> This patch aplies two fixes:
> 	* snprintf XML output offset for rule.
> 	* add XML <flags> node, missing in previous patches.
> 
> The <flags> node will be used for parsing a rule in XML.
> 
> Signed-off-by: Arturo Borrero González <arturo.borrero.glez@gmail.com>
> ---
>  src/rule.c |    5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/src/rule.c b/src/rule.c
> index e419b0a..c463c69 100644
> --- a/src/rule.c
> +++ b/src/rule.c
> @@ -451,9 +451,10 @@ static int nft_rule_snprintf_xml(char *buf, size_t size, struct nft_rule *r,
>  	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
>  
>  	ret = snprintf(buf+offset, len, "<rule_flags>%u</rule_flags>"
> +					"<flags>%u</flags>"
>  					"<compat_flags>%u</compat_flags>"
>  					"<compat_proto>%u</compat_proto>",
> -					r->rule_flags,
> +					r->rule_flags, r->flags,

You should not rely on the r->flags in the XML parser. Same thing for
table, chain and expressions. Those flags are internal to the library
object representation and I would prefer if they still remain like
that.

I have applied this chunk below as bugfix.

>  					r->compat.flags, r->compat.proto);
>  	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
>  
> @@ -469,7 +470,7 @@ static int nft_rule_snprintf_xml(char *buf, size_t size, struct nft_rule *r,
>  		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
>  
>  	}
> -	ret = snprintf(buf+offset-1, len, "\n</rule>\n ");
> +	ret = snprintf(buf+offset, len, "\n</rule>\n ");
>  	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
>  
>  	return ret;

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/src/rule.c b/src/rule.c
index e419b0a..c463c69 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -451,9 +451,10 @@  static int nft_rule_snprintf_xml(char *buf, size_t size, struct nft_rule *r,
 	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
 	ret = snprintf(buf+offset, len, "<rule_flags>%u</rule_flags>"
+					"<flags>%u</flags>"
 					"<compat_flags>%u</compat_flags>"
 					"<compat_proto>%u</compat_proto>",
-					r->rule_flags,
+					r->rule_flags, r->flags,
 					r->compat.flags, r->compat.proto);
 	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
@@ -469,7 +470,7 @@  static int nft_rule_snprintf_xml(char *buf, size_t size, struct nft_rule *r,
 		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
 	}
-	ret = snprintf(buf+offset-1, len, "\n</rule>\n ");
+	ret = snprintf(buf+offset, len, "\n</rule>\n ");
 	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
 	return ret;