path: root/src/libnftables.c
diff options
authorPhil Sutter <>2018-06-18 10:11:46 +0200
committerPablo Neira Ayuso <>2018-06-18 11:18:02 +0200
commit4677971a01dc4d92087dab139428cf4eaa189536 (patch)
tree6f287f244a935755cf004f737b2b850694820871 /src/libnftables.c
parent5ca7ad252366865225d5c59d297e71215b68f027 (diff)
libnftables: Simplify nft_run_cmd_from_buffer footprint
With libnftables documentation being upstream and one confirmed external user (nftlb), time to break the API! First of all, the command buffer passed to nft_run_cmd_from_buffer may (and should) be const. One should consider it a bug if that function ever changed it's content. On the other hand, there is no point in passing the buffer's length as separate argument: NULL bytes are not expected to occur in the input, so it is safe to rely upon strlen(). Also, the actual parsers don't require a buffer length passed to them, either. The only use-case for it is when reallocating the buffer to append a final newline character, there strlen() is perfectly sufficient. Suggested-by: Harald Welte <> Cc: Laura Garcia Liebana <> Cc: Eric Leblond <> Cc: Arturo Borrero Gonzalez <> Signed-off-by: Phil Sutter <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'src/libnftables.c')
1 files changed, 6 insertions, 8 deletions
diff --git a/src/libnftables.c b/src/libnftables.c
index dda986ca..9a97a3c5 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -396,7 +396,7 @@ static const struct input_descriptor indesc_cmdline = {
.name = "<cmdline>",
-static int nft_parse_bison_buffer(struct nft_ctx *nft, char *buf, size_t buflen,
+static int nft_parse_bison_buffer(struct nft_ctx *nft, const char *buf,
struct list_head *msgs, struct list_head *cmds)
struct cmd *cmd;
@@ -438,23 +438,21 @@ static int nft_parse_bison_filename(struct nft_ctx *nft, const char *filename,
return 0;
-int nft_run_cmd_from_buffer(struct nft_ctx *nft, char *buf, size_t buflen)
+int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf)
struct cmd *cmd, *next;
- size_t nlbuflen;
char *nlbuf;
int rc = -EINVAL;
- nlbuflen = max(buflen + 1, strlen(buf) + 2);
- nlbuf = xzalloc(nlbuflen);
- snprintf(nlbuf, nlbuflen, "%s\n", buf);
+ nlbuf = xzalloc(strlen(buf) + 2);
+ sprintf(nlbuf, "%s\n", buf);
if (nft->output.json)
- rc = nft_parse_json_buffer(nft, nlbuf, nlbuflen, &msgs, &cmds);
+ rc = nft_parse_json_buffer(nft, nlbuf, &msgs, &cmds);
if (rc == -EINVAL)
- rc = nft_parse_bison_buffer(nft, nlbuf, nlbuflen, &msgs, &cmds);
+ rc = nft_parse_bison_buffer(nft, nlbuf, &msgs, &cmds);
if (rc)
goto err;