@@ -66,7 +66,7 @@ parse_nft_among_pair(char *buf, struct nft_among_pair *pair, bool have_ip)
if (sep) {
*sep = '\0';
- if (!inet_aton(sep + 1, &pair->in))
+ if (!inet_pton(AF_INET, sep + 1, &pair->in))
xtables_error(PARAMETER_PROBLEM,
"Invalid IP address '%s'\n", sep + 1);
}
@@ -194,6 +194,7 @@ static void __bramong_print(struct nft_among_pair *pairs,
int cnt, bool inv, bool have_ip)
{
const char *isep = inv ? "! " : "";
+ char abuf[INET_ADDRSTRLEN];
int i;
for (i = 0; i < cnt; i++) {
@@ -202,7 +203,8 @@ static void __bramong_print(struct nft_among_pair *pairs,
printf("%s", ether_ntoa(&pairs[i].ether));
if (pairs[i].in.s_addr != INADDR_ANY)
- printf("=%s", inet_ntoa(pairs[i].in));
+ printf("=%s", inet_ntop(AF_INET, &pairs[i].in,
+ abuf, sizeof(abuf)));
}
printf(" ");
}
@@ -136,7 +136,7 @@ static void get_frag(struct nft_xt_ctx *ctx, struct nftnl_expr *e, bool *inv)
static const char *mask_to_str(uint32_t mask)
{
- static char mask_str[sizeof("255.255.255.255")];
+ static char mask_str[INET_ADDRSTRLEN];
uint32_t bits, hmask = ntohl(mask);
struct in_addr mask_addr = {
.s_addr = mask,
@@ -155,7 +155,7 @@ static const char *mask_to_str(uint32_t mask)
if (i >= 0)
sprintf(mask_str, "%u", i);
else
- sprintf(mask_str, "%s", inet_ntoa(mask_addr));
+ inet_ntop(AF_INET, &mask_addr, mask_str, sizeof(mask_str));
return mask_str;
}
@@ -298,10 +298,13 @@ static void nft_ipv4_print_rule(struct nft_handle *h, struct nftnl_rule *r,
static void save_ipv4_addr(char letter, const struct in_addr *addr,
uint32_t mask, int invert)
{
+ char addrbuf[INET_ADDRSTRLEN];
+
if (!mask && !invert && !addr->s_addr)
return;
- printf("%s-%c %s/%s ", invert ? "! " : "", letter, inet_ntoa(*addr),
+ printf("%s-%c %s/%s ", invert ? "! " : "", letter,
+ inet_ntop(AF_INET, addr, addrbuf, sizeof(addrbuf)),
mask_to_str(mask));
}
@@ -387,25 +390,27 @@ static void xlate_ipv4_addr(const char *selector, const struct in_addr *addr,
const struct in_addr *mask,
bool inv, struct xt_xlate *xl)
{
+ char mbuf[INET_ADDRSTRLEN], abuf[INET_ADDRSTRLEN];
const char *op = inv ? "!= " : "";
int cidr;
if (!inv && !addr->s_addr && !mask->s_addr)
return;
+ inet_ntop(AF_INET, addr, abuf, sizeof(abuf));
+
cidr = xtables_ipmask_to_cidr(mask);
switch (cidr) {
case -1:
- /* inet_ntoa() is not reentrant */
- xt_xlate_add(xl, "%s & %s ", selector, inet_ntoa(*mask));
- xt_xlate_add(xl, "%s %s ", inv ? "!=" : "==", inet_ntoa(*addr));
+ xt_xlate_add(xl, "%s & %s %s %s ", selector,
+ inet_ntop(AF_INET, mask, mbuf, sizeof(mbuf)),
+ inv ? "!=" : "==", abuf);
break;
case 32:
- xt_xlate_add(xl, "%s %s%s ", selector, op, inet_ntoa(*addr));
+ xt_xlate_add(xl, "%s %s%s ", selector, op, abuf);
break;
default:
- xt_xlate_add(xl, "%s %s%s/%d ", selector, op, inet_ntoa(*addr),
- cidr);
+ xt_xlate_add(xl, "%s %s%s/%d ", selector, op, abuf, cidr);
}
}
Both functions are obsolete, replace them by equivalent calls to inet_pton() and inet_ntop(). Signed-off-by: Phil Sutter <phil@nwl.cc> --- extensions/libebt_among.c | 6 ++++-- iptables/nft-ipv4.c | 23 ++++++++++++++--------- 2 files changed, 18 insertions(+), 11 deletions(-)