netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH nft] erec: Fix input descriptors for included files
@ 2017-02-21 14:48 Anatole Denis
  2017-02-25 12:51 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Anatole Denis @ 2017-02-21 14:48 UTC (permalink / raw)
  To: netfilter-devel; +Cc: Anatole Denis

Currently, when creating an error record (erec), the current location in the
file is duplicated, but not the input_descriptor inside it. Input descriptors
are added and removed by the parser when including files, and memory references
in the error record thus become incorrect when a subsequent file is included.

This patch copies the input descriptors recursively to ensure each erec has the
correct chain of input descriptors at the time of printing.

For example:
badinclude.nft:
```
include "error.nft"
include "empty.nft"
```
a.nft:
```
add rule t c obvious syntax error
```
b.nft: (empty file)

Results in the last included file being referenced and quoted for all errors
$ nft -f badinclude.nft
In file included from badinclude.nft:2:1-20:
./empty.nft:1:34-34: Error: syntax error, unexpected newline

                                 ^

Expected behavior:
$ nft -f badinclude.nft -I.
In file included from badinclude.nft:1:1-20:
./error.nft:1:34-34: Error: syntax error, unexpected newline
add rule t c obvious syntax error
                                 ^

Signed-off-by: Anatole Denis <anatole@rezel.net>
---
 src/erec.c | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

diff --git a/src/erec.c b/src/erec.c
index 3603216..eacdd97 100644
--- a/src/erec.c
+++ b/src/erec.c
@@ -33,15 +33,45 @@ static const char *error_record_names[] = {
 	[EREC_ERROR]		= "Error"
 };
 
+static void input_descriptor_destroy(const struct input_descriptor *indesc)
+{
+	if (indesc->location.indesc &&
+	    indesc->location.indesc->type != INDESC_INTERNAL) {
+		input_descriptor_destroy(indesc->location.indesc);
+	}
+	xfree(indesc);
+}
+
+static struct input_descriptor *input_descriptor_dup(const struct input_descriptor *indesc)
+{
+	struct input_descriptor *dup_indesc;
+
+	dup_indesc = xmalloc(sizeof(struct input_descriptor));
+	*dup_indesc = *indesc;
+
+	if (indesc->location.indesc &&
+	    indesc->location.indesc->type != INDESC_INTERNAL)
+		dup_indesc->location.indesc = input_descriptor_dup(indesc->location.indesc);
+
+	return dup_indesc;
+}
+
 void erec_add_location(struct error_record *erec, const struct location *loc)
 {
 	assert(erec->num_locations < EREC_LOCATIONS_MAX);
-	erec->locations[erec->num_locations++] = *loc;
+	erec->locations[erec->num_locations] = *loc;
+	erec->locations[erec->num_locations].indesc = input_descriptor_dup(loc->indesc);
+	erec->num_locations++;
 }
 
 static void erec_destroy(struct error_record *erec)
 {
+	unsigned int i;
+
 	xfree(erec->msg);
+	for (i = 0; i < erec->num_locations; i++) {
+		input_descriptor_destroy(erec->locations[i].indesc);
+	}
 	xfree(erec);
 }
 
-- 
2.11.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-02-25 13:00 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-02-21 14:48 [PATCH nft] erec: Fix input descriptors for included files Anatole Denis
2017-02-25 12:51 ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).