diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-15 13:14:18 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-18 03:14:08 +0200 |
| commit | 788c986343bc24bd0272e8aa409121ffe51f1ef3 (patch) | |
| tree | 42cf0210e9fce93e0a5a951f0012e891fa750b05 /src | |
| parent | ddb1f1f8cdca2e0f70254a5adcc0291907503a36 (diff) | |
src: quote user-defined strings when used from rule selectors
The following selectors display strings using quotes:
* meta iifname
* meta oifname
* meta ibriport
* meta obriport
However, the following do not:
* meta oif
* meta iif
* meta skuid
* meta skgid
* meta iifgroup
* meta oifgroup
* meta rtclassid
* ct label
Given they refer to user-defined values, neither keywords nor internal
built-in known values, let's quote the output of this.
This patch modifies symbolic_constant_print() so we can signal this to
indicate if the string needs to be quoted.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/ct.c | 2 | ||||
| -rw-r--r-- | src/datatype.c | 12 | ||||
| -rw-r--r-- | src/meta.c | 12 | ||||
| -rw-r--r-- | src/proto.c | 2 |
4 files changed, 16 insertions, 12 deletions
@@ -108,7 +108,7 @@ static void ct_label_type_print(const struct expr *expr) for (s = ct_label_tbl->symbols; s->identifier != NULL; s++) { if (bit != s->value) continue; - printf("%s", s->identifier); + printf("\"%s\"", s->identifier); return; } /* can happen when connlabel.conf is altered after rules were added */ diff --git a/src/datatype.c b/src/datatype.c index 002c4c66..2b1619a6 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -86,7 +86,8 @@ void datatype_print(const struct expr *expr) if (dtype->print != NULL) return dtype->print(expr); if (dtype->sym_tbl != NULL) - return symbolic_constant_print(dtype->sym_tbl, expr); + return symbolic_constant_print(dtype->sym_tbl, expr, + false); } while ((dtype = dtype->basetype)); BUG("datatype %s has no print method or symbol table\n", @@ -154,7 +155,7 @@ out: } void symbolic_constant_print(const struct symbol_table *tbl, - const struct expr *expr) + const struct expr *expr, bool quotes) { unsigned int len = div_round_up(expr->len, BITS_PER_BYTE); const struct symbolic_constant *s; @@ -173,7 +174,10 @@ void symbolic_constant_print(const struct symbol_table *tbl, if (s->identifier == NULL) return expr_basetype(expr)->print(expr); - printf("%s", s->identifier); + if (quotes) + printf("\"%s\"", s->identifier); + else + printf("%s", s->identifier); } void symbol_table_print(const struct symbol_table *tbl, @@ -684,7 +688,7 @@ static void __exit mark_table_exit(void) static void mark_type_print(const struct expr *expr) { - return symbolic_constant_print(mark_tbl, expr); + return symbolic_constant_print(mark_tbl, expr, true); } static struct error_record *mark_type_parse(const struct expr *sym, @@ -47,7 +47,7 @@ static void __exit realm_table_exit(void) static void realm_type_print(const struct expr *expr) { - return symbolic_constant_print(realm_tbl, expr); + return symbolic_constant_print(realm_tbl, expr, true); } static struct error_record *realm_type_parse(const struct expr *sym, @@ -144,7 +144,7 @@ static void ifindex_type_print(const struct expr *expr) ifindex = mpz_get_uint32(expr->value); if (nft_if_indextoname(ifindex, name)) - printf("%s", name); + printf("\"%s\"", name); else printf("%d", ifindex); } @@ -208,7 +208,7 @@ static void uid_type_print(const struct expr *expr) pw = getpwuid(uid); if (pw != NULL) - printf("%s", pw->pw_name); + printf("\"%s\"", pw->pw_name); else printf("%d", uid); return; @@ -260,7 +260,7 @@ static void gid_type_print(const struct expr *expr) gr = getgrgid(gid); if (gr != NULL) - printf("%s", gr->gr_name); + printf("\"%s\"", gr->gr_name); else printf("%u", gid); return; @@ -314,7 +314,7 @@ static const struct symbol_table pkttype_type_tbl = { static void pkttype_type_print(const struct expr *expr) { - return symbolic_constant_print(&pkttype_type_tbl, expr); + return symbolic_constant_print(&pkttype_type_tbl, expr, false); } static const struct datatype pkttype_type = { @@ -341,7 +341,7 @@ static void __exit devgroup_table_exit(void) static void devgroup_type_print(const struct expr *expr) { - return symbolic_constant_print(devgroup_tbl, expr); + return symbolic_constant_print(devgroup_tbl, expr, true); } static struct error_record *devgroup_type_parse(const struct expr *sym, diff --git a/src/proto.c b/src/proto.c index 4c12977c..94995f10 100644 --- a/src/proto.c +++ b/src/proto.c @@ -871,7 +871,7 @@ static const struct symbol_table ethertype_tbl = { static void ethertype_print(const struct expr *expr) { - return symbolic_constant_print(ðertype_tbl, expr); + return symbolic_constant_print(ðertype_tbl, expr, false); } const struct datatype ethertype_type = { |