diff options
author | Arturo Borrero <arturo.borrero.glez@gmail.com> | 2013-07-25 18:46:35 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-07-25 20:03:21 +0200 |
commit | e13819c5f5b6138c4c7e01156d0fd9f58b11702d (patch) | |
tree | c4bbc0256f537099a8233915597419843359793b /src/expr | |
parent | 3ebc57b84c227fcfc55545af85e246ab4cad2041 (diff) |
src: xml: consolidate common XML code via nft_mxml_num_parse
This patch moves common XML parsing code to nft_mxml_num_parse().
To handle this, the nft_strtoi() helper fuction is included.
I've changed some MXML_DESCEND[_FIRST] flags to avoid match a nested node under
some circumstances, ie, matching two nodes with the same name that are descendant.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expr')
-rw-r--r-- | src/expr/bitwise.c | 6 | ||||
-rw-r--r-- | src/expr/byteorder.c | 20 | ||||
-rw-r--r-- | src/expr/ct.c | 15 | ||||
-rw-r--r-- | src/expr/data_reg.c | 27 | ||||
-rw-r--r-- | src/expr/exthdr.c | 21 | ||||
-rw-r--r-- | src/expr/limit.c | 23 | ||||
-rw-r--r-- | src/expr/log.c | 46 |
7 files changed, 40 insertions, 118 deletions
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index 84de249..f0a2eff 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -201,6 +201,12 @@ nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree) bitwise->dreg = reg; e->flags |= (1 << NFT_EXPR_BITWISE_DREG); + if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, + BASE_DEC, &bitwise->len, NFT_TYPE_U8) != 0) + return -1; + + e->flags |= (1 << NFT_EXPR_BITWISE_LEN); + if (nft_mxml_data_reg_parse(tree, "mask", &bitwise->mask) != DATA_VALUE) return -1; diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c index e3b9a5e..a931ffa 100644 --- a/src/expr/byteorder.c +++ b/src/expr/byteorder.c @@ -187,8 +187,6 @@ nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree) #ifdef XML_PARSING struct nft_expr_byteorder *byteorder = nft_expr_data(e); mxml_node_t *node = NULL; - uint64_t tmp; - char *endptr = NULL; int32_t reg; reg = nft_mxml_reg_parse(tree, "sreg", MXML_DESCEND_FIRST); @@ -218,26 +216,16 @@ nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree) e->flags |= (1 << NFT_EXPR_BYTEORDER_OP); - node = mxmlFindElement(tree, tree, "len", NULL, NULL, MXML_DESCEND); - if (node == NULL) - goto err; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT8_MAX || tmp < 0 || *endptr) + if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC, + &byteorder->len, NFT_TYPE_U8) != 0) goto err; - byteorder->len = tmp; e->flags |= (1 << NFT_EXPR_BYTEORDER_LEN); - node = mxmlFindElement(tree, tree, "size", NULL, NULL, MXML_DESCEND); - if (node == NULL) - goto err; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT8_MAX || tmp < 0 || *endptr) + if (nft_mxml_num_parse(tree, "size", MXML_DESCEND_FIRST, BASE_DEC, + &byteorder->size, NFT_TYPE_U8) != 0) goto err; - byteorder->size = tmp; e->flags |= (1 << NFT_EXPR_BYTEORDER_SIZE); return 0; diff --git a/src/expr/ct.c b/src/expr/ct.c index f399219..a0323e1 100644 --- a/src/expr/ct.c +++ b/src/expr/ct.c @@ -183,10 +183,9 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree #ifdef XML_PARSING struct nft_expr_ct *ct = nft_expr_data(e); mxml_node_t *node = NULL; - uint64_t tmp; int32_t reg; - char *endptr; int key; + uint8_t dir; reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST); if (reg < 0) @@ -206,18 +205,14 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree ct->key = key; e->flags |= (1 << NFT_EXPR_CT_KEY); - node = mxmlFindElement(tree, tree, "dir", NULL, NULL, MXML_DESCEND); - if (node == NULL) - goto err; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT8_MAX || tmp < 0 || *endptr) + if (nft_mxml_num_parse(tree, "dir", MXML_DESCEND_FIRST, BASE_DEC, &dir, + NFT_TYPE_U8) != 0) goto err; - if (tmp != IP_CT_DIR_ORIGINAL && tmp != IP_CT_DIR_REPLY) + if (dir != IP_CT_DIR_ORIGINAL && dir != IP_CT_DIR_REPLY) goto err; - ct->dir = tmp; + ct->dir = dir; e->flags |= (1 << NFT_EXPR_CT_DIR); return 0; diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c index 260ae59..b290b96 100644 --- a/src/expr/data_reg.c +++ b/src/expr/data_reg.c @@ -134,9 +134,6 @@ static int nft_data_reg_value_xml_parse(union nft_data_reg *reg, char *xml) mxml_node_t *tree = NULL; mxml_node_t *node = NULL; int i; - int64_t tmp; - uint64_t utmp; - char *endptr; char node_name[6]; tree = mxmlLoadString(NULL, xml, MXML_OPAQUE_CALLBACK); @@ -172,38 +169,22 @@ static int nft_data_reg_value_xml_parse(union nft_data_reg *reg, char *xml) return -1; } - /* Get <len> */ - node = mxmlFindElement(tree, tree, "len", NULL, NULL, MXML_DESCEND); - if (node == NULL) { + if (nft_mxml_num_parse(tree, "len", MXML_DESCEND, BASE_DEC, ®->len, + NFT_TYPE_U8) != 0) { mxmlDelete(tree); return -1; } - tmp = strtoll(node->child->value.opaque, &endptr, 10); - if (tmp > INT64_MAX || tmp < 0 || *endptr) { - mxmlDelete(tree); - return -1; - } - - reg->len = tmp; - /* Get and set <dataN> */ for (i = 0; i < div_round_up(reg->len, sizeof(uint32_t)); i++) { sprintf(node_name, "data%d", i); - node = mxmlFindElement(tree, tree, node_name, NULL, - NULL, MXML_DESCEND); - if (node == NULL) { + if (nft_mxml_num_parse(tree, node_name, MXML_DESCEND, BASE_HEX, + ®->val[i], NFT_TYPE_U32) != 0) { mxmlDelete(tree); return -1; } - utmp = strtoull(node->child->value.opaque, &endptr, 16); - if (utmp == UINT64_MAX || utmp < 0 || *endptr) { - mxmlDelete(tree); - return -1; - } - reg->val[i] = utmp; } mxmlDelete(tree); diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c index 51e784e..769b53c 100644 --- a/src/expr/exthdr.c +++ b/src/expr/exthdr.c @@ -199,8 +199,6 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree) #ifdef XML_PARSING struct nft_expr_exthdr *exthdr = nft_expr_data(e); mxml_node_t *node = NULL; - uint64_t tmp; - char *endptr; int32_t reg; int type; @@ -225,28 +223,17 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree) e->flags |= (1 << NFT_EXPR_EXTHDR_TYPE); /* Get and set <offset> */ - node = mxmlFindElement(tree, tree, "offset", NULL, NULL, - MXML_DESCEND); - if (node == NULL) - return -1; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT_MAX || tmp < 0 || *endptr) + if (nft_mxml_num_parse(tree, "offset", MXML_DESCEND_FIRST, BASE_DEC, + &exthdr->offset, NFT_TYPE_U32) != 0) return -1; - exthdr->offset = tmp; e->flags |= (1 << NFT_EXPR_EXTHDR_OFFSET); /* Get and set <len> */ - node = mxmlFindElement(tree, tree, "len", NULL, NULL, MXML_DESCEND); - if (node == NULL) - return -1; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT_MAX || tmp < 0 || *endptr) + if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC, + &exthdr->len, NFT_TYPE_U32) != 0) return -1; - exthdr->len = tmp; e->flags |= (1 << NFT_EXPR_EXTHDR_LEN); return 0; diff --git a/src/expr/limit.c b/src/expr/limit.c index 2ecf7cb..27f880c 100644 --- a/src/expr/limit.c +++ b/src/expr/limit.c @@ -122,32 +122,17 @@ static int nft_rule_expr_limit_xml_parse(struct nft_rule_expr *e, mxml_node_t *t { #ifdef XML_PARSING struct nft_expr_limit *limit = nft_expr_data(e); - mxml_node_t *node = NULL; - uint64_t tmp; - char *endptr; - node = mxmlFindElement(tree, tree, "rate", NULL, NULL, - MXML_DESCEND_FIRST); - if (node == NULL) + if (nft_mxml_num_parse(tree, "rate", MXML_DESCEND_FIRST, BASE_DEC, + &limit->rate, NFT_TYPE_U64) != 0) goto err; - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT64_MAX || tmp < 0 || *endptr) - goto err; - - limit->rate = tmp; e->flags |= (1 << NFT_EXPR_LIMIT_RATE); - node = mxmlFindElement(tree, tree, "depth", NULL, NULL, - MXML_DESCEND); - if (node == NULL) - goto err; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT64_MAX || tmp < 0 || *endptr) + if (nft_mxml_num_parse(tree, "depth", MXML_DESCEND_FIRST, BASE_DEC, + &limit->rate, NFT_TYPE_U64) != 0) goto err; - limit->depth = tmp; e->flags |= (1 << NFT_EXPR_LIMIT_DEPTH); return 0; diff --git a/src/expr/log.c b/src/expr/log.c index 1ffd1d9..9ff2d32 100644 --- a/src/expr/log.c +++ b/src/expr/log.c @@ -157,56 +157,36 @@ static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre #ifdef XML_PARSING struct nft_expr_log *log = nft_expr_data(e); mxml_node_t *node = NULL; - uint64_t tmp; - char *endptr; node = mxmlFindElement(tree, tree, "prefix", NULL, NULL, MXML_DESCEND_FIRST); - if (node == NULL) - goto err; + if (node == NULL) { + errno = EINVAL; + return -1; + } log->prefix = strdup(node->child->value.opaque); e->flags |= (1 << NFT_EXPR_LOG_PREFIX); - node = mxmlFindElement(tree, tree, "group", NULL, NULL, MXML_DESCEND); - if (node == NULL) - goto err; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT32_MAX || tmp < 0 || *endptr) - goto err; + if (nft_mxml_num_parse(tree, "group", MXML_DESCEND_FIRST, BASE_DEC, + &log->group, NFT_TYPE_U32) != 0) + return -1; - log->group = tmp; e->flags |= (1 << NFT_EXPR_LOG_GROUP); - node = mxmlFindElement(tree, tree, "snaplen", NULL, NULL, - MXML_DESCEND); - if (node == NULL) - goto err; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT32_MAX || tmp < 0 || *endptr) - goto err; + if (nft_mxml_num_parse(tree, "snaplen", MXML_DESCEND_FIRST, BASE_DEC, + &log->snaplen, NFT_TYPE_U32) != 0) + return -1; - log->snaplen = tmp; e->flags |= (1 << NFT_EXPR_LOG_SNAPLEN); - node = mxmlFindElement(tree, tree, "qthreshold", NULL, NULL, - MXML_DESCEND); - if (node == NULL) - goto err; - - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT32_MAX || tmp < 0 || *endptr) - goto err; + if (nft_mxml_num_parse(tree, "qthreshold", MXML_DESCEND_FIRST, + BASE_DEC, &log->qthreshold, NFT_TYPE_U32) != 0) + return -1; - log->qthreshold = tmp; e->flags |= (1 << NFT_EXPR_LOG_QTHRESHOLD); return 0; -err: - errno = EINVAL; - return -1; #else errno = EOPNOTSUPP; return -1; |