From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Alvaro Neira <alvaroneay@gmail.com>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [libnftables PATCH 2/2] src: new error reporting approach for XML/JSON parsers
Date: Sat, 4 Jan 2014 01:42:15 +0100 [thread overview]
Message-ID: <20140104004215.GB23504@localhost> (raw)
In-Reply-To: <20131231112754.11095.95241.stgit@Ph0enix>
Hi Alvaro,
Several comments on this patch.
On Tue, Dec 31, 2013 at 12:27:54PM +0100, Alvaro Neira wrote:
> From: Álvaro Neira Ayuso <alvaroneay@gmail.com>
>
> I have added a new structure for reporting some errors that
> we can't consider with errno.
Please, longer/better descriptions are required. Examples are very
useful to show how errors are displayed if you use this new API.
> Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
> ---
> examples/nft-chain-json-add.c | 11 +++++
> examples/nft-chain-xml-add.c | 11 +++++
> examples/nft-rule-json-add.c | 11 +++++
> examples/nft-rule-xml-add.c | 11 +++++
> examples/nft-set-json-add.c | 12 +++++
> examples/nft-table-json-add.c | 11 +++++
> examples/nft-table-xml-add.c | 12 +++++
> include/libnftables/chain.h | 3 +
> include/libnftables/common.h | 11 +++++
> include/libnftables/rule.h | 3 +
> include/libnftables/ruleset.h | 3 +
> include/libnftables/set.h | 6 ++-
> include/libnftables/table.h | 3 +
> src/Makefile.am | 1
> src/chain.c | 75 ++++++++++++++++++++--------------
> src/common.c | 33 +++++++++++++++
> src/expr/bitwise.c | 26 ++++++------
> src/expr/byteorder.c | 27 +++++++-----
> src/expr/cmp.c | 20 +++++----
> src/expr/counter.c | 16 +++++--
> src/expr/ct.c | 19 +++++----
> src/expr/data_reg.c | 54 ++++++++++++++-----------
> src/expr/data_reg.h | 6 ++-
> src/expr/exthdr.c | 23 ++++++----
> src/expr/immediate.c | 14 ++++--
> src/expr/limit.c | 17 +++++---
> src/expr/log.c | 27 ++++++++----
> src/expr/lookup.c | 18 +++++---
> src/expr/match.c | 10 +++--
> src/expr/meta.c | 14 ++++--
> src/expr/nat.c | 30 +++++++-------
> src/expr/payload.c | 24 ++++++-----
> src/expr/reject.c | 16 +++++--
> src/expr/target.c | 10 +++--
> src/expr_ops.h | 6 ++-
> src/internal.h | 90 +++++++++++++++++++++++++++++------------
> src/jansson.c | 83 ++++++++++++++++++++++++++------------
> src/libnftables.map | 5 ++
> src/mxml.c | 81 +++++++++++++++++++++++++++----------
> src/rule.c | 69 ++++++++++++++++++-------------
> src/ruleset.c | 72 +++++++++++++++++++--------------
> src/set.c | 70 ++++++++++++++++++--------------
> src/set_elem.c | 21 +++++-----
> src/table.c | 44 ++++++++++++--------
> tests/nft-parsing-test.c | 37 ++++++++++-------
> 45 files changed, 759 insertions(+), 407 deletions(-)
>
> diff --git a/examples/nft-chain-json-add.c b/examples/nft-chain-json-add.c
> index 50cb29f..384729c 100644
> --- a/examples/nft-chain-json-add.c
> +++ b/examples/nft-chain-json-add.c
> @@ -39,6 +39,7 @@ int main(int argc, char *argv[])
> uint16_t family;
> char json[4096];
> char reprint[4096];
> + struct nft_parse_err *err;
>
> if (argc < 2) {
> printf("Usage: %s <json-file>\n", argv[0]);
> @@ -63,10 +64,17 @@ int main(int argc, char *argv[])
> exit(EXIT_FAILURE);
> }
>
> + err = nft_err_alloc();
nft_err_alloc() should be renamed to nft_parse_err_alloc() to make
this specific to parsing functions.
Then, nft_err_free() to nft_parse_err_free().
> + if(err == NULL) {
^
cosmetic: missing space
> + perror("error");
> + exit(EXIT_FAILURE);
> + }
> +
> close(fd);
>
> - if (nft_chain_parse(c, NFT_PARSE_JSON, json) < 0) {
> + if (nft_chain_parse(c, NFT_PARSE_JSON, json, err) < 0) {
> printf("E: Unable to parse JSON file: %s\n", strerror(errno));
This line above should be removed, the error printing function should
provide enough information to make this unnecessary...
> + nft_err_print(err);
Better replace this nft_err_print by:
int nft_parse_perror(const char *str, struct nft_parse_err *err)
then, the example invocation looks like:
nft_parse_perror("Unable to parse JSON file", err);
the output message should look like:
Unable to parse JSON file: Bad input at line ...
attaching the descriptive information that should help to locate the
problem.
> exit(EXIT_FAILURE);
> }
>
> @@ -82,6 +90,7 @@ int main(int argc, char *argv[])
> nft_chain_nlmsg_build_payload(nlh, c);
>
> nft_chain_free(c);
> + nft_err_free(err);
>
> nl = mnl_socket_open(NETLINK_NETFILTER);
> if (nl == NULL) {
> diff --git a/examples/nft-chain-xml-add.c b/examples/nft-chain-xml-add.c
> index 03a2950..e3dd652 100644
> --- a/examples/nft-chain-xml-add.c
> +++ b/examples/nft-chain-xml-add.c
> @@ -37,6 +37,7 @@ int main(int argc, char *argv[])
> uint16_t family;
> char xml[4096];
> char reprint[4096];
> + struct nft_parse_err *err;
>
> if (argc < 2) {
> printf("Usage: %s <xml-file>\n", argv[0]);
> @@ -49,6 +50,12 @@ int main(int argc, char *argv[])
> exit(EXIT_FAILURE);
> }
>
> + err = nft_err_alloc();
> + if(err == NULL) {
Same here and in other examples.
> + perror("error");
> + exit(EXIT_FAILURE);
> + }
> +
> fd = open(argv[1], O_RDONLY);
> if (fd < 0) {
> perror("open");
> @@ -63,8 +70,9 @@ int main(int argc, char *argv[])
>
> close(fd);
>
> - if (nft_chain_parse(c, NFT_PARSE_XML, xml) < 0) {
> + if (nft_chain_parse(c, NFT_PARSE_XML, xml, err) < 0) {
> printf("E: Unable to parse XML file: %s\n", strerror(errno));
> + nft_err_print(err);
> exit(EXIT_FAILURE);
> }
>
> @@ -80,6 +88,7 @@ int main(int argc, char *argv[])
> nft_chain_nlmsg_build_payload(nlh, c);
>
> nft_chain_free(c);
> + nft_err_free(err);
>
> nl = mnl_socket_open(NETLINK_NETFILTER);
> if (nl == NULL) {
> diff --git a/include/libnftables/common.h b/include/libnftables/common.h
> index 9cd92b2..b88c899 100644
> --- a/include/libnftables/common.h
> +++ b/include/libnftables/common.h
> @@ -1,6 +1,12 @@
> #ifndef _LIBNFTABLES_COMMON_H_
> #define _LIBNFTABLES_COMMON_H_
>
> +enum {
> + NFT_EBADINPUT = 0,
> + NFT_EMISSINGNODE,
> + NFT_EBADTYPE,
NFT_PARSE_EBADINPUT
NFT_PARSE_EMISSINGNODE
NFT_PARSE_EBADTYPE
add infix _PARSE_ so these are clearly specific to the parsing
function.
BTW, I don't see any getter function in this patch to access the private
attributes of this new nft_parse_err object, those need to be added.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2014-01-04 0:42 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-31 11:27 [libnftables PATCH 1/2] src: rename the parameter tag to node_name in jansson function Alvaro Neira
2013-12-31 11:27 ` [libnftables PATCH 2/2] src: new error reporting approach for XML/JSON parsers Alvaro Neira
2014-01-04 0:42 ` Pablo Neira Ayuso [this message]
2013-12-31 18:59 ` [libnftables PATCH 1/2] src: rename the parameter tag to node_name in jansson function Arturo Borrero Gonzalez
2014-01-03 23:32 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140104004215.GB23504@localhost \
--to=pablo@netfilter.org \
--cc=alvaroneay@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.