From: Jan Engelhardt <jengelh@medozas.de>
To: kaber@trash.net
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH 1/8] iptables: reduce indentation of parse loop (1/3)
Date: Fri, 4 Feb 2011 14:08:47 +0100 [thread overview]
Message-ID: <1296824935-4606-2-git-send-email-jengelh@medozas.de> (raw)
In-Reply-To: <1296824935-4606-1-git-send-email-jengelh@medozas.de>
Trying to make this code suck less by using early
exclusion/break/return.
References: http://iq0.com/notes/deep.nesting.html
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
ip6tables.c | 184 ++++++++++++++++++++++++++++----------------------------
iptables.c | 196 +++++++++++++++++++++++++++++-----------------------------
2 files changed, 190 insertions(+), 190 deletions(-)
diff --git a/ip6tables.c b/ip6tables.c
index 8c1b504..d453868 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1703,104 +1703,104 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
exit_tryhelp(2);
default:
- if (target == NULL || target->parse == NULL ||
- c < target->option_offset ||
- c >= target->option_offset + XT_OPTION_OFFSET_SCALE ||
- !target->parse(c - target->option_offset,
+ if (target != NULL && target->parse != NULL &&
+ c >= target->option_offset &&
+ c < target->option_offset + XT_OPTION_OFFSET_SCALE &&
+ target->parse(c - target->option_offset,
argv, invert,
&target->tflags,
- &fw, &target->t)) {
- for (matchp = matches; matchp; matchp = matchp->next) {
- if (matchp->completed ||
- matchp->match->parse == NULL)
- continue;
- if (c < matchp->match->option_offset ||
- c >= matchp->match->option_offset + XT_OPTION_OFFSET_SCALE)
- continue;
- if (matchp->match->parse(c - matchp->match->option_offset,
- argv, invert,
- &matchp->match->mflags,
- &fw,
- &matchp->match->m))
- break;
- }
- m = matchp ? matchp->match : NULL;
-
- /* If you listen carefully, you can
- actually hear this code suck. */
-
- /* some explanations (after four different bugs
- * in 3 different releases): If we encounter a
- * parameter, that has not been parsed yet,
- * it's not an option of an explicitly loaded
- * match or a target. However, we support
- * implicit loading of the protocol match
- * extension. '-p tcp' means 'l4 proto 6' and
- * at the same time 'load tcp protocol match on
- * demand if we specify --dport'.
- *
- * To make this work, we need to make sure:
- * - the parameter has not been parsed by
- * a match (m above)
- * - a protocol has been specified
- * - the protocol extension has not been
- * loaded yet, or is loaded and unused
- * [think of ip6tables-restore!]
- * - the protocol extension can be successively
- * loaded
- */
- if (m == NULL
- && protocol
- && (!find_proto(protocol, XTF_DONT_LOAD,
- options&OPT_NUMERIC, NULL)
- || (find_proto(protocol, XTF_DONT_LOAD,
- options&OPT_NUMERIC, NULL)
- && (proto_used == 0))
- )
- && (m = find_proto(protocol, XTF_TRY_LOAD,
- options&OPT_NUMERIC, &matches))) {
- /* Try loading protocol */
- size_t size;
-
- proto_used = 1;
-
- size = IP6T_ALIGN(sizeof(struct ip6t_entry_match))
- + m->size;
-
- m->m = xtables_calloc(1, size);
- m->m->u.match_size = size;
- strcpy(m->m->u.user.name, m->name);
- m->m->u.user.revision = m->revision;
- if (m->init != NULL)
- m->init(m->m);
-
- opts = xtables_merge_options(ip6tables_globals.orig_opts, opts,
- m->extra_opts, &m->option_offset);
-
- optind--;
+ &fw, &target->t))
+ break;
+ for (matchp = matches; matchp; matchp = matchp->next) {
+ if (matchp->completed ||
+ matchp->match->parse == NULL)
continue;
- }
+ if (c < matchp->match->option_offset ||
+ c >= matchp->match->option_offset + XT_OPTION_OFFSET_SCALE)
+ continue;
+ if (matchp->match->parse(c - matchp->match->option_offset,
+ argv, invert,
+ &matchp->match->mflags,
+ &fw,
+ &matchp->match->m))
+ break;
+ }
+ m = matchp ? matchp->match : NULL;
+
+ /* If you listen carefully, you can
+ actually hear this code suck. */
+
+ /* some explanations (after four different bugs
+ * in 3 different releases): If we encounter a
+ * parameter, that has not been parsed yet,
+ * it's not an option of an explicitly loaded
+ * match or a target. However, we support
+ * implicit loading of the protocol match
+ * extension. '-p tcp' means 'l4 proto 6' and
+ * at the same time 'load tcp protocol match on
+ * demand if we specify --dport'.
+ *
+ * To make this work, we need to make sure:
+ * - the parameter has not been parsed by
+ * a match (m above)
+ * - a protocol has been specified
+ * - the protocol extension has not been
+ * loaded yet, or is loaded and unused
+ * [think of ip6tables-restore!]
+ * - the protocol extension can be successively
+ * loaded
+ */
+ if (m == NULL
+ && protocol
+ && (!find_proto(protocol, XTF_DONT_LOAD,
+ options&OPT_NUMERIC, NULL)
+ || (find_proto(protocol, XTF_DONT_LOAD,
+ options&OPT_NUMERIC, NULL)
+ && (proto_used == 0))
+ )
+ && (m = find_proto(protocol, XTF_TRY_LOAD,
+ options&OPT_NUMERIC, &matches))) {
+ /* Try loading protocol */
+ size_t size;
+
+ proto_used = 1;
+
+ size = IP6T_ALIGN(sizeof(struct ip6t_entry_match))
+ + m->size;
- if (!m) {
- if (c == '?') {
- if (optopt) {
- xtables_error(
- PARAMETER_PROBLEM,
- "option `%s' "
- "requires an "
- "argument",
- argv[optind-1]);
- } else {
- xtables_error(
- PARAMETER_PROBLEM,
- "unknown option "
- "`%s'",
- argv[optind-1]);
- }
+ m->m = xtables_calloc(1, size);
+ m->m->u.match_size = size;
+ strcpy(m->m->u.user.name, m->name);
+ m->m->u.user.revision = m->revision;
+ if (m->init != NULL)
+ m->init(m->m);
+
+ opts = xtables_merge_options(ip6tables_globals.orig_opts, opts,
+ m->extra_opts, &m->option_offset);
+
+ optind--;
+ continue;
+ }
+
+ if (!m) {
+ if (c == '?') {
+ if (optopt) {
+ xtables_error(
+ PARAMETER_PROBLEM,
+ "option `%s' "
+ "requires an "
+ "argument",
+ argv[optind-1]);
+ } else {
+ xtables_error(
+ PARAMETER_PROBLEM,
+ "unknown option "
+ "`%s'",
+ argv[optind-1]);
}
- xtables_error(PARAMETER_PROBLEM,
- "Unknown arg `%s'", optarg);
}
+ xtables_error(PARAMETER_PROBLEM,
+ "Unknown arg `%s'", optarg);
}
}
invert = FALSE;
diff --git a/iptables.c b/iptables.c
index 2459b64..eb7ac8e 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1735,109 +1735,109 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
exit_tryhelp(2);
default:
- if (target == NULL || target->parse == NULL ||
- c < target->option_offset ||
- c >= target->option_offset + XT_OPTION_OFFSET_SCALE ||
- !target->parse(c - target->option_offset,
+ if (target != NULL && target->parse != NULL &&
+ c >= target->option_offset &&
+ c < target->option_offset + XT_OPTION_OFFSET_SCALE &&
+ target->parse(c - target->option_offset,
argv, invert,
&target->tflags,
- &fw, &target->t)) {
- for (matchp = matches; matchp; matchp = matchp->next) {
- if (matchp->completed ||
- matchp->match->parse == NULL)
- continue;
- if (c < matchp->match->option_offset ||
- c >= matchp->match->option_offset + XT_OPTION_OFFSET_SCALE)
- continue;
- if (matchp->match->parse(c - matchp->match->option_offset,
- argv, invert,
- &matchp->match->mflags,
- &fw,
- &matchp->match->m))
- break;
- }
- m = matchp ? matchp->match : NULL;
-
- /* If you listen carefully, you can
- actually hear this code suck. */
-
- /* some explanations (after four different bugs
- * in 3 different releases): If we encounter a
- * parameter, that has not been parsed yet,
- * it's not an option of an explicitly loaded
- * match or a target. However, we support
- * implicit loading of the protocol match
- * extension. '-p tcp' means 'l4 proto 6' and
- * at the same time 'load tcp protocol match on
- * demand if we specify --dport'.
- *
- * To make this work, we need to make sure:
- * - the parameter has not been parsed by
- * a match (m above)
- * - a protocol has been specified
- * - the protocol extension has not been
- * loaded yet, or is loaded and unused
- * [think of iptables-restore!]
- * - the protocol extension can be successively
- * loaded
- */
- if (m == NULL
- && protocol
- && (!find_proto(protocol, XTF_DONT_LOAD,
- options&OPT_NUMERIC, NULL)
- || (find_proto(protocol, XTF_DONT_LOAD,
- options&OPT_NUMERIC, NULL)
- && (proto_used == 0))
- )
- && (m = find_proto(protocol, XTF_TRY_LOAD,
- options&OPT_NUMERIC, &matches))) {
- /* Try loading protocol */
- size_t size;
-
- proto_used = 1;
-
- size = IPT_ALIGN(sizeof(struct ipt_entry_match))
- + m->size;
-
- m->m = xtables_calloc(1, size);
- m->m->u.match_size = size;
- strcpy(m->m->u.user.name, m->name);
- m->m->u.user.revision = m->revision;
- if (m->init != NULL)
- m->init(m->m);
-
- opts = xtables_merge_options(
- iptables_globals.orig_opts,
- opts,
- m->extra_opts,
- &m->option_offset);
- if (opts == NULL)
- xtables_error(OTHER_PROBLEM,
- "can't alloc memory!");
-
- optind--;
+ &fw, &target->t))
+ break;
+ for (matchp = matches; matchp; matchp = matchp->next) {
+ if (matchp->completed ||
+ matchp->match->parse == NULL)
continue;
- }
- if (!m) {
- if (c == '?') {
- if (optopt) {
- xtables_error(
- PARAMETER_PROBLEM,
- "option `%s' "
- "requires an "
- "argument",
- argv[optind-1]);
- } else {
- xtables_error(
- PARAMETER_PROBLEM,
- "unknown option "
- "`%s'",
- argv[optind-1]);
- }
+ if (c < matchp->match->option_offset ||
+ c >= matchp->match->option_offset + XT_OPTION_OFFSET_SCALE)
+ continue;
+ if (matchp->match->parse(c - matchp->match->option_offset,
+ argv, invert,
+ &matchp->match->mflags,
+ &fw,
+ &matchp->match->m))
+ break;
+ }
+ m = matchp ? matchp->match : NULL;
+
+ /* If you listen carefully, you can
+ actually hear this code suck. */
+
+ /* some explanations (after four different bugs
+ * in 3 different releases): If we encounter a
+ * parameter, that has not been parsed yet,
+ * it's not an option of an explicitly loaded
+ * match or a target. However, we support
+ * implicit loading of the protocol match
+ * extension. '-p tcp' means 'l4 proto 6' and
+ * at the same time 'load tcp protocol match on
+ * demand if we specify --dport'.
+ *
+ * To make this work, we need to make sure:
+ * - the parameter has not been parsed by
+ * a match (m above)
+ * - a protocol has been specified
+ * - the protocol extension has not been
+ * loaded yet, or is loaded and unused
+ * [think of iptables-restore!]
+ * - the protocol extension can be successively
+ * loaded
+ */
+ if (m == NULL
+ && protocol
+ && (!find_proto(protocol, XTF_DONT_LOAD,
+ options&OPT_NUMERIC, NULL)
+ || (find_proto(protocol, XTF_DONT_LOAD,
+ options&OPT_NUMERIC, NULL)
+ && (proto_used == 0))
+ )
+ && (m = find_proto(protocol, XTF_TRY_LOAD,
+ options&OPT_NUMERIC, &matches))) {
+ /* Try loading protocol */
+ size_t size;
+
+ proto_used = 1;
+
+ size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+ + m->size;
+
+ m->m = xtables_calloc(1, size);
+ m->m->u.match_size = size;
+ strcpy(m->m->u.user.name, m->name);
+ m->m->u.user.revision = m->revision;
+ if (m->init != NULL)
+ m->init(m->m);
+
+ opts = xtables_merge_options(
+ iptables_globals.orig_opts,
+ opts,
+ m->extra_opts,
+ &m->option_offset);
+ if (opts == NULL)
+ xtables_error(OTHER_PROBLEM,
+ "can't alloc memory!");
+
+ optind--;
+ continue;
+ }
+ if (!m) {
+ if (c == '?') {
+ if (optopt) {
+ xtables_error(
+ PARAMETER_PROBLEM,
+ "option `%s' "
+ "requires an "
+ "argument",
+ argv[optind-1]);
+ } else {
+ xtables_error(
+ PARAMETER_PROBLEM,
+ "unknown option "
+ "`%s'",
+ argv[optind-1]);
}
- xtables_error(PARAMETER_PROBLEM,
- "Unknown arg `%s'", optarg);
}
+ xtables_error(PARAMETER_PROBLEM,
+ "Unknown arg `%s'", optarg);
}
}
invert = FALSE;
--
1.7.1
next prev parent reply other threads:[~2011-02-04 13:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-04 13:08 iptables: mainloop cleanup, symbol vis+versioning Jan Engelhardt
2011-02-04 13:08 ` Jan Engelhardt [this message]
2011-02-04 13:08 ` [PATCH 2/8] iptables: reduce indentation of parse loop (2/3) Jan Engelhardt
2011-02-04 13:08 ` [PATCH 3/8] iptables: use variable as shortcut in parse loop Jan Engelhardt
2011-02-04 13:08 ` [PATCH 4/8] iptables: reduce indentation of parse loop (3/3) Jan Engelhardt
2011-02-04 13:08 ` [PATCH 5/8] iptables: fix error message for unknown options Jan Engelhardt
2011-02-04 13:08 ` [PATCH 6/8] build: directly use config.h in internal.h Jan Engelhardt
2011-02-04 13:08 ` [PATCH 7/8] libxtables: symbol visibility Jan Engelhardt
2011-02-04 13:13 ` Patrick McHardy
2011-02-04 13:22 ` Jan Engelhardt
2011-02-04 13:30 ` Patrick McHardy
2011-02-04 13:08 ` [PATCH 8/8] libxtables: symbol versioning Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1296824935-4606-2-git-send-email-jengelh@medozas.de \
--to=jengelh@medozas.de \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).