From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [nft PATCH 2/2] scanner: Extend asteriskstring definition
Date: Fri, 7 Feb 2020 18:59:02 +0100 [thread overview]
Message-ID: <20200207175902.GB19873@orbyte.nwl.cc> (raw)
In-Reply-To: <20200207173140.hhqav2g6ckxnibmy@salvia>
Hi Pablo,
On Fri, Feb 07, 2020 at 06:31:40PM +0100, Pablo Neira Ayuso wrote:
> On Thu, Feb 06, 2020 at 12:38:28PM +0100, Phil Sutter wrote:
> > Accept sole escaped asterisks as well as unescaped asterisks if
> > surrounded by strings. The latter is merely cosmetic, but literal
> > asterisk will help when translating from iptables where asterisk has no
> > special meaning.
> >
> > Signed-off-by: Phil Sutter <phil@nwl.cc>
> > ---
> > src/scanner.l | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/src/scanner.l b/src/scanner.l
> > index 99ee83559d2eb..da9bacee23eb5 100644
> > --- a/src/scanner.l
> > +++ b/src/scanner.l
> > @@ -120,7 +120,7 @@ numberstring ({decstring}|{hexstring})
> > letter [a-zA-Z]
> > string ({letter}|[_.])({letter}|{digit}|[/\-_\.])*
> > quotedstring \"[^"]*\"
> > -asteriskstring ({string}\*|{string}\\\*)
> > +asteriskstring ({string}\*|{string}\\\*|\\\*|{string}\*{string})
>
> Probably this:
>
> {string}\\\*{string})
>
> instead of:
>
> {string}\*{string})
>
> ?
>
> The escaping makes it probably clear that there is no support for
> infix wildcard matching?
Ah, you're right. I assumed it wasn't necessary to escape the asterisk
mid-string, but if we ever added support for infix wildcards (no matter
how unlikely) we were in real trouble.
BTW: Given how confusing bison-generated error messages are, maybe I
should introduce "infixasteriskstring" in scanner.l to catch unescaped
infix asterisks and generate a readable error message from there?
> This asteriskstring rule is falling under the string rule in bison.
> This is allowing to use \\\* for log messages too, and elsewhere.
Ah, that's right. Good, bad, ugly? Just a "neutral remark" from you? :)
Thanks, Phil
next prev parent reply other threads:[~2020-02-07 17:59 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-06 11:38 [nft PATCH 1/2] doc: nft.8: Mention wildcard interface matching Phil Sutter
2020-02-06 11:38 ` [nft PATCH 2/2] scanner: Extend asteriskstring definition Phil Sutter
2020-02-07 17:31 ` Pablo Neira Ayuso
2020-02-07 17:59 ` Phil Sutter [this message]
2020-02-09 22:21 ` Pablo Neira Ayuso
2020-02-10 11:18 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200207175902.GB19873@orbyte.nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).