From 590610d45983d48bc84adc7901e6e49628dab3c9 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Fri, 31 Aug 2018 16:16:40 +0200
Subject: obj: ct_timeout: use fixed size array

Use an internal array and expose maximum size so we can just use the
same array size for all protocol timeouts. This simplifies handling
a bit and we don't need to set NFTNL_OBJ_CT_TIMEOUT_L4PROTO in first
place.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/obj/ct_timeout.c | 28 +++++-----------------------
 1 file changed, 5 insertions(+), 23 deletions(-)

(limited to 'src/obj')

diff --git a/src/obj/ct_timeout.c b/src/obj/ct_timeout.c
index f39e5ad..fe0689a 100644
--- a/src/obj/ct_timeout.c
+++ b/src/obj/ct_timeout.c
@@ -86,27 +86,8 @@ nftnl_timeout_policy_attr_set_u32(struct nftnl_obj *e,
 				 uint32_t type, uint32_t data)
 {
 	struct nftnl_obj_ct_timeout *t = nftnl_obj_data(e);
-	size_t timeout_array_size;
 
-	/* Layer 4 protocol needs to be already set. */
-	if (!(e->flags & (1 << NFTNL_OBJ_CT_TIMEOUT_L4PROTO)))
-		return -1;
-	if (t->timeout == NULL) {
-		/* if not supported, default to generic protocol tracker. */
-		if (timeout_protocol[t->l4proto].attr_max != 0) {
-			timeout_array_size = sizeof(uint32_t) *
-					timeout_protocol[t->l4proto].attr_max;
-		} else {
-			timeout_array_size = sizeof(uint32_t) *
-					timeout_protocol[IPPROTO_RAW].attr_max;
-		}
-		t->timeout = calloc(1, timeout_array_size);
-		if (t->timeout == NULL)
-			return -1;
-	}
-
-	/* this state does not exists in this protocol tracker.*/
-	if (type > timeout_protocol[t->l4proto].attr_max)
+	if (type >= NFTNL_CTTIMEOUT_ARRAY_MAX)
 		return -1;
 
 	t->timeout[type] = data;
@@ -173,11 +154,12 @@ static int nftnl_obj_ct_timeout_set(struct nftnl_obj *e, uint16_t type,
 		timeout->l4proto = *((uint8_t *)data);
 		break;
 	case NFTNL_OBJ_CT_TIMEOUT_ARRAY:
-		timeout->timeout = ((uint32_t *)data);
+		memcpy(timeout->timeout, data,
+		       sizeof(uint32_t) * NFTNL_CTTIMEOUT_ARRAY_MAX);
 		break;
 	default:
 		return -1;
-		}
+	}
 	return 0;
 }
 
@@ -194,7 +176,7 @@ static const void *nftnl_obj_ct_timeout_get(const struct nftnl_obj *e,
 		*data_len = sizeof(timeout->l4proto);
 		return &timeout->l4proto;
 	case NFTNL_OBJ_CT_TIMEOUT_ARRAY:
-		*data_len = sizeof(timeout->timeout);
+		*data_len = sizeof(uint32_t) * NFTNL_CTTIMEOUT_ARRAY_MAX;
 		return timeout->timeout;
 	}
 	return NULL;
-- 
cgit v1.2.3