From 6c0853b770a449103878a9fd32373e90fa5c6be2 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sat, 10 Dec 2022 23:36:39 +0100 Subject: scanner: match full comment line in case of tie add element ip filter public_services { # comment 1 tcp . 80 : jump log_accept, # comment 2 tcp . 443 : jump log_accept, } still fails with the error message: # nft -f filter_sets.ip In file included from filter_sets.ip:63:1-42: filter_sets.ip:4:12-12: Error: syntax error, unexpected newline, expecting comma or '}' # comment 2 ^ flex honors the first rule found in case of tie, place comment_line before comment rule. Fixes: 931737a17198 ("scanner: munch full comment lines") Reported-by: Jozsef Kadlecsik Signed-off-by: Pablo Neira Ayuso --- src/scanner.l | 2 +- tests/shell/testcases/comments/comments_0 | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/scanner.l b/src/scanner.l index e72a427a..7e8748f5 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -858,10 +858,10 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) {tab}+ {space}+ -{comment} {comment_line} { reset_pos(yyget_extra(yyscanner), yylloc); } +{comment} <> { update_pos(yyget_extra(yyscanner), yylloc, 1); diff --git a/tests/shell/testcases/comments/comments_0 b/tests/shell/testcases/comments/comments_0 index b272ad67..a50387d6 100755 --- a/tests/shell/testcases/comments/comments_0 +++ b/tests/shell/testcases/comments/comments_0 @@ -10,6 +10,7 @@ RULESET="table inet x { # comment 2.2.2.2, # comment # more comments 3.3.3.3, # comment +# comment } # comment } @@ -23,6 +24,7 @@ RULESET="table inet x { # comment } accept icmp type { +# comment 1, # comments also allowed here 2, -- cgit v1.2.3