On 4 February 2016 at 20:38, Carlos Falgueras García
<[email protected]> wrote:
> Modify the rule structure and the parser to store the comment string into a
> TLV
> attribute. This way more data of any type could be stored with a rule.
>
> Signed-off-by: Carlos Falgueras García <[email protected]>
> ---
> include/rule.h | 4 +++-
> src/netlink_delinearize.c | 10 ++++++++--
> src/netlink_linearize.c | 4 +++-
> src/parser_bison.y | 19 ++++++++++++++++---
> src/rule.c | 12 +++++++++---
> 5 files changed, 39 insertions(+), 10 deletions(-)
>
> diff --git a/include/rule.h b/include/rule.h
> index c848f0f..7a18c50 100644
> --- a/include/rule.h
> +++ b/include/rule.h
> @@ -163,9 +163,11 @@ struct rule {
> struct location location;
> struct list_head stmts;
> unsigned int num_stmts;
> - const char *comment;
> + struct nftnl_attrbuf *comment;
> };
>
> +#define RULE_COMMENT_MAX_LEN 256
> +
> extern struct rule *rule_alloc(const struct location *loc,
> const struct handle *h);
> extern void rule_free(struct rule *rule);
> diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
> index ae6abb0..d0d85aa 100644
> --- a/src/netlink_delinearize.c
> +++ b/src/netlink_delinearize.c
> @@ -25,6 +25,7 @@
> #include <utils.h>
> #include <erec.h>
> #include <sys/socket.h>
> +#include <libnftnl/attr.h>
>
> struct netlink_parse_ctx {
> struct list_head *msgs;
> @@ -1734,12 +1735,17 @@ struct rule *netlink_delinearize_rule(struct
> netlink_ctx *ctx,
> assert(pctx->table != NULL);
>
> if (nftnl_rule_is_set(nlr, NFTNL_RULE_USERDATA)) {
> + struct nftnl_attrbuf *attrbuf;
> const void *data;
> uint32_t len;
>
> data = nftnl_rule_get_data(nlr, NFTNL_RULE_USERDATA, &len);
> - pctx->rule->comment = xmalloc(len);
> - memcpy((char *)pctx->rule->comment, data, len);
> + if (!(attrbuf = nftnl_attrbuf_alloc(len))) {
If I understand correctly above, you alloc here with length 'len'.
> + perror("Error allocating memory for attrbuf: ");
Minor thing here regarding perror: from the manpage <<the argument
string is printed, followed by a colon and a blank>>. So you would be
printing something like 'attrbuf: : '
> + exit(EXIT_FAILURE);
> + }
> + pctx->rule->comment = nftnl_attrbuf_alloc(len);
Another alloc above with length 'len', memleak warning.
> + nftnl_attrbuf_set_data(pctx->rule->comment, data, len);
> }
>
> nftnl_expr_foreach((struct nftnl_rule *)nlr, netlink_parse_expr,
> pctx);
--
Arturo Borrero González
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
