summaryrefslogtreecommitdiffstats
path: root/src/erec.c
Commit message (Collapse)AuthorAgeFilesLines
* erec: fix logic when reading from fileEric Leblond2015-06-301-0/+3
| | | | | | | | | | | In case we are reading the rules from a file we need to reset the file descriptor to the original position when calling erec_print. This was not the case in previous code and was leading to valid file to be seen as invalid when treated in debug mode. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* erec: fix buffer overflowEric Leblond2015-06-301-5/+12
| | | | | | | | | | | A static array was used to read data and to write information in it without checking the limit of the array. The result was a buffer overflow when the line was longer than 1024. This patch now uses a allocated buffer to avoid the problem. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* erec: use stdio vasprintf instead of gmp_vasprintfSteven Barth2015-01-071-1/+5
| | | | | | | | | Use stdio's vasprintf instead of gmp_vasprintf which is not part of the mini-gmp function subset. Furthermore convert the only gmp-specific user and allow the compiler to verify format-strings. Signed-off-by: Steven Barth <cyrus@openwrt.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* build: autotools conversionPablo Neira Ayuso2014-11-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) This removes former Makefiles and install-sh (which is now automagically imported via autoreconf). Makefile.defs.in Makefile.in Makefile.rules.in src/Makefile.in install-sh (now automagically imported via autoreconf). 2) CFLAGS are left almost same, they are integrated into Make_global.am. Use AM_CPPFLAGS to set the CFLAGS set by pkgconfig. 3) Add m4 directory to the tree which only contains the .gitignore file. Update .gitignore file to skip autogenerated files. 4) include <config.h> whenever required. 5) Minor adjustments to scanner.l and parser_bison.y to compile cleanly with autotools. 6) Add %option outfile=lex.yy.c to scanner.l, otherwise I hit this error here: gcc -DHAVE_CONFIG_H -I. -I.. -I../include -DDEFAULT_INCLUDE_PATH="\"/usr/etc\"" -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wsign-compare -Winit-self -Wformat-nonliteral -Wformat-security -Wmissing-format-attribute -Wcast-align -Wundef -Wbad-function-cast -g -O2 -MT mnl.o -MD -MP -MF $depbase.Tpo -c -o mnl.o mnl.c &&\ mv -f $depbase.Tpo $depbase.Po /bin/sh ../build-aux/ylwrap scanner.l lex.yy.c scanner.c -- flex make[3]: *** [scanner.c] Error 1 make[3]: Leaving directory `/home/pablo/devel/scm/git-netfilter/nftables/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/home/pablo/devel/scm/git-netfilter/nftables/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/pablo/devel/scm/git-netfilter/nftables' make: *** [all] Error 2 7) Add Makefile.am for include/ (contributed by Giorgio Dal Molin). The doc/ and files/ conversion to automake will come in follow up patches but 'make distcheck' already works. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* erec: skip includes with INDESC_INTERNALPatrick McHardy2014-02-041-1/+3
| | | | | | | Don't display "In file included from internal:0:0-0:" for errors occuring in a parsed file. Signed-off-by: Patrick McHardy <kaber@trash.net>
* erec: fix error markup for errors starting at column 0Patrick McHardy2014-01-101-1/+2
| | | | | | For errors starting at column 0, we must not subtract 1 to avoid underflow. Signed-off-by: Patrick McHardy <kaber@trash.net>
* src: use libnftablesPablo Neira Ayuso2013-06-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This patch migrates nft to use the libnftables library, that is used by the iptables over nftables compat utility as well. Most of the conversion was pretty straight forward. Some small significant changes happened in the handling of set element and immediate data abstraction that libnl provides. libnftables is a bit more granular since it splits the struct nfnl_nft_data into three attributes: verdict, chain and plain data (used in maps). I have added a new file src/mnl.c that contains the low level netlink communication that now resides in nftables source tree instead of the library. This should help to implement the batching support using libmnl in follow up patches. I also spent some significant amount of time running my tests to make sure that we don't increase the number of bugs that we already have (I plan to provide a list of those that I have detected and diagnosed, so anyone else can help us to fix them). As a side effect, this change should also prepare the ground for JSON and XML support anytime soon. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* debug: include verbose message in all BUG statementsroot2012-12-081-1/+1
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* erec: Handle returned value properly in erec_printTomasz Bursztyka2012-08-031-3/+4
| | | | | Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Initial commitv0.01-alpha1Patrick McHardy2009-03-181-0/+159