Patchwork [libnftables,11/13] expr: payload: add nft_str2base function

login
register
mail settings
Submitter Alvaro Neira
Date Aug. 9, 2013, 11:14 a.m.
Message ID <20130809111415.29819.19869.stgit@Ph0enix>
Download mbox | patch
Permalink /patch/266001/
State Accepted
Headers show

Comments

Alvaro Neira - Aug. 9, 2013, 11:14 a.m.
From: Álvaro Neira Ayuso <alvaroneay@gmail.com>

Add function that will be use in the JSON parser

Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
---
 src/expr/payload.c |   32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Arturo Borrero - Aug. 9, 2013, 11:31 a.m.
On 9 August 2013 13:14, Alvaro Neira <alvaroneay@gmail.com> wrote:
> From: Álvaro Neira Ayuso <alvaroneay@gmail.com>
>
> Add function that will be use in the JSON parser
>
> Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
> ---
>  src/expr/payload.c |   32 ++++++++++++++++++++------------
>  1 file changed, 20 insertions(+), 12 deletions(-)
>
> diff --git a/src/expr/payload.c b/src/expr/payload.c
> index 34aee90..e32ae1b 100644
> --- a/src/expr/payload.c
> +++ b/src/expr/payload.c
> @@ -13,6 +13,7 @@
>
>  #include <stdio.h>
>  #include <stdint.h>
> +#include <string.h>
>  #include <limits.h>
>  #include <arpa/inet.h>
>  #include <errno.h>
> @@ -178,13 +179,27 @@ nft_rule_expr_payload_snprintf_json(char *buf, size_t len, uint32_t flags,
>         return offset;
>  }
>
> +static inline int nft_str2base(const char *base)
> +{
> +       if (strcmp(base, "link") == 0)
> +               return NFT_PAYLOAD_LL_HEADER;
> +       else if (strcmp(base, "network") == 0)
> +               return NFT_PAYLOAD_NETWORK_HEADER;
> +       else if (strcmp(base, "transport") == 0)
> +               return NFT_PAYLOAD_TRANSPORT_HEADER;
> +       else {
> +               errno = EINVAL;
> +               return -1;
> +       }
> +}
> +
>  static int
>  nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
>  {
>  #ifdef XML_PARSING
>         struct nft_expr_payload *payload = nft_expr_data(e);
>         const char *base_str;
> -       int32_t reg;
> +       int32_t reg, base;
>
>         reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
>         if (reg < 0)
> @@ -197,14 +212,10 @@ nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
>         if (base_str == NULL)
>                 return -1;
>
> -       if (strcmp(base_str, "link") == 0)
> -               payload->base = NFT_PAYLOAD_LL_HEADER;
> -       else if (strcmp(base_str, "network") == 0)
> -               payload->base = NFT_PAYLOAD_NETWORK_HEADER;
> -       else if (strcmp(base_str, "transport") == 0)
> -               payload->base = NFT_PAYLOAD_TRANSPORT_HEADER;
> -       else
> -               goto err;
> +       base = nft_str2base(base_str);
> +
> +       if (base < 0)
> +               return -1;

I think we need this:

payload->base = base;

Also, maybe goto err in case of base < 0
Arturo Borrero - Aug. 9, 2013, 11:34 a.m.
On 9 August 2013 13:14, Alvaro Neira <alvaroneay@gmail.com> wrote:
> -err:
> -       errno = EINVAL;
> -       return -1;

not going to err anymore, obviously
Pablo Neira - Aug. 9, 2013, 11:43 a.m.
On Fri, Aug 09, 2013 at 01:31:35PM +0200, Arturo Borrero Gonzalez wrote:
> >         if (base_str == NULL)
> >                 return -1;
> >
> > -       if (strcmp(base_str, "link") == 0)
> > -               payload->base = NFT_PAYLOAD_LL_HEADER;
> > -       else if (strcmp(base_str, "network") == 0)
> > -               payload->base = NFT_PAYLOAD_NETWORK_HEADER;
> > -       else if (strcmp(base_str, "transport") == 0)
> > -               payload->base = NFT_PAYLOAD_TRANSPORT_HEADER;
> > -       else
> > -               goto err;
> > +       base = nft_str2base(base_str);
> > +
> > +       if (base < 0)
> > +               return -1;
> 
> I think we need this:
> 
> payload->base = base;

Good catch, I'm going to manually fix this. Thanks for reviewing.

> Also, maybe goto err in case of base < 0

errno is already set from the new function.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/src/expr/payload.c b/src/expr/payload.c
index 34aee90..e32ae1b 100644
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -13,6 +13,7 @@ 
 
 #include <stdio.h>
 #include <stdint.h>
+#include <string.h>
 #include <limits.h>
 #include <arpa/inet.h>
 #include <errno.h>
@@ -178,13 +179,27 @@  nft_rule_expr_payload_snprintf_json(char *buf, size_t len, uint32_t flags,
 	return offset;
 }
 
+static inline int nft_str2base(const char *base)
+{
+	if (strcmp(base, "link") == 0)
+		return NFT_PAYLOAD_LL_HEADER;
+	else if (strcmp(base, "network") == 0)
+		return NFT_PAYLOAD_NETWORK_HEADER;
+	else if (strcmp(base, "transport") == 0)
+		return NFT_PAYLOAD_TRANSPORT_HEADER;
+	else {
+		errno = EINVAL;
+		return -1;
+	}
+}
+
 static int
 nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 {
 #ifdef XML_PARSING
 	struct nft_expr_payload *payload = nft_expr_data(e);
 	const char *base_str;
-	int32_t reg;
+	int32_t reg, base;
 
 	reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
 	if (reg < 0)
@@ -197,14 +212,10 @@  nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 	if (base_str == NULL)
 		return -1;
 
-	if (strcmp(base_str, "link") == 0)
-		payload->base = NFT_PAYLOAD_LL_HEADER;
-	else if (strcmp(base_str, "network") == 0)
-		payload->base = NFT_PAYLOAD_NETWORK_HEADER;
-	else if (strcmp(base_str, "transport") == 0)
-		payload->base = NFT_PAYLOAD_TRANSPORT_HEADER;
-	else
-		goto err;
+	base = nft_str2base(base_str);
+
+	if (base < 0)
+		return -1;
 
 	e->flags |= (1 << NFT_EXPR_PAYLOAD_BASE);
 
@@ -220,9 +231,6 @@  nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 
 	e->flags |= (1 << NFT_EXPR_PAYLOAD_LEN);
 	return 0;
-err:
-	errno = EINVAL;
-	return -1;
 #else
 	errno = EOPNOTSUPP;
 	return -1;