summaryrefslogtreecommitdiffstats
path: root/src/obj
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2018-08-31 16:16:40 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-08-31 17:52:01 +0200
commit590610d45983d48bc84adc7901e6e49628dab3c9 (patch)
treeae48cbb9c1e2e533989ad38c6c748119c2640c8a /src/obj
parent0cae4437d11fdfc18a53a166870e71b06e8c65e1 (diff)
obj: ct_timeout: use fixed size array
Use an internal array and expose maximum size so we can just use the same array size for all protocol timeouts. This simplifies handling a bit and we don't need to set NFTNL_OBJ_CT_TIMEOUT_L4PROTO in first place. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/obj')
-rw-r--r--src/obj/ct_timeout.c28
1 files changed, 5 insertions, 23 deletions
diff --git a/src/obj/ct_timeout.c b/src/obj/ct_timeout.c
index f39e5ad..fe0689a 100644
--- a/src/obj/ct_timeout.c
+++ b/src/obj/ct_timeout.c
@@ -86,27 +86,8 @@ nftnl_timeout_policy_attr_set_u32(struct nftnl_obj *e,
uint32_t type, uint32_t data)
{
struct nftnl_obj_ct_timeout *t = nftnl_obj_data(e);
- size_t timeout_array_size;
- /* Layer 4 protocol needs to be already set. */
- if (!(e->flags & (1 << NFTNL_OBJ_CT_TIMEOUT_L4PROTO)))
- return -1;
- if (t->timeout == NULL) {
- /* if not supported, default to generic protocol tracker. */
- if (timeout_protocol[t->l4proto].attr_max != 0) {
- timeout_array_size = sizeof(uint32_t) *
- timeout_protocol[t->l4proto].attr_max;
- } else {
- timeout_array_size = sizeof(uint32_t) *
- timeout_protocol[IPPROTO_RAW].attr_max;
- }
- t->timeout = calloc(1, timeout_array_size);
- if (t->timeout == NULL)
- return -1;
- }
-
- /* this state does not exists in this protocol tracker.*/
- if (type > timeout_protocol[t->l4proto].attr_max)
+ if (type >= NFTNL_CTTIMEOUT_ARRAY_MAX)
return -1;
t->timeout[type] = data;
@@ -173,11 +154,12 @@ static int nftnl_obj_ct_timeout_set(struct nftnl_obj *e, uint16_t type,
timeout->l4proto = *((uint8_t *)data);
break;
case NFTNL_OBJ_CT_TIMEOUT_ARRAY:
- timeout->timeout = ((uint32_t *)data);
+ memcpy(timeout->timeout, data,
+ sizeof(uint32_t) * NFTNL_CTTIMEOUT_ARRAY_MAX);
break;
default:
return -1;
- }
+ }
return 0;
}
@@ -194,7 +176,7 @@ static const void *nftnl_obj_ct_timeout_get(const struct nftnl_obj *e,
*data_len = sizeof(timeout->l4proto);
return &timeout->l4proto;
case NFTNL_OBJ_CT_TIMEOUT_ARRAY:
- *data_len = sizeof(timeout->timeout);
+ *data_len = sizeof(uint32_t) * NFTNL_CTTIMEOUT_ARRAY_MAX;
return timeout->timeout;
}
return NULL;