diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-06-19 22:06:59 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2012-06-19 22:06:59 +0200 |
commit | 59d72e349a19da49d22934c1cdab914c3087c702 (patch) | |
tree | aa0ddc4bbb25c090b5de14372383e3dcacaa6f04 /src/ui.c | |
parent | ed668b564ed32d1784f6a8b25b3c130e0d6a9ee9 (diff) |
The commandline parser was too permissive, make it more strict
The parser allowed more possible argument alternatives for
command options than the documented one, which limited the possibility
of other option names. The patch makes the parser more strict.
Diffstat (limited to 'src/ui.c')
-rw-r--r-- | src/ui.c | 60 |
1 files changed, 29 insertions, 31 deletions
@@ -5,7 +5,6 @@ * published by the Free Software Foundation. */ #include <assert.h> /* assert */ -#include <ctype.h> /* tolower */ #include <string.h> /* memcmp, str* */ #include <libipset/linux_ip_set.h> /* IPSET_CMD_* */ @@ -25,91 +24,91 @@ const struct ipset_commands ipset_commands[] = { { /* c[reate], --create, n[ew], -N */ .cmd = IPSET_CMD_CREATE, - .name = { "create", "new" }, + .name = { "create", "new", "-N" }, .has_arg = IPSET_MANDATORY_ARG2, .help = "SETNAME TYPENAME [type-specific-options]\n" " Create a new set", }, { /* a[dd], --add, -A */ .cmd = IPSET_CMD_ADD, - .name = { "add", NULL }, + .name = { "add", "-A", NULL }, .has_arg = IPSET_MANDATORY_ARG2, .help = "SETNAME ENTRY\n" " Add entry to the named set", }, { /* d[el], --del, -D */ .cmd = IPSET_CMD_DEL, - .name = { "del", NULL }, + .name = { "del", "-D", NULL }, .has_arg = IPSET_MANDATORY_ARG2, .help = "SETNAME ENTRY\n" " Delete entry from the named set", }, { /* t[est], --test, -T */ .cmd = IPSET_CMD_TEST, - .name = { "test", NULL }, + .name = { "test", "-T", NULL }, .has_arg = IPSET_MANDATORY_ARG2, .help = "SETNAME ENTRY\n" " Test entry in the named set", }, { /* des[troy], --destroy, x, -X */ .cmd = IPSET_CMD_DESTROY, - .name = { "destroy", "x" }, + .name = { "destroy", "x", "-X" }, .has_arg = IPSET_OPTIONAL_ARG, .help = "[SETNAME]\n" " Destroy a named set or all sets", }, { /* l[ist], --list, -L */ .cmd = IPSET_CMD_LIST, - .name = { "list", NULL }, + .name = { "list", "-L", NULL }, .has_arg = IPSET_OPTIONAL_ARG, .help = "[SETNAME]\n" " List the entries of a named set or all sets", }, { /* s[save], --save, -S */ .cmd = IPSET_CMD_SAVE, - .name = { "save", NULL }, + .name = { "save", "-S", NULL }, .has_arg = IPSET_OPTIONAL_ARG, .help = "[SETNAME]\n" " Save the named set or all sets to stdout", }, { /* r[estore], --restore, -R */ .cmd = IPSET_CMD_RESTORE, - .name = { "restore", NULL }, + .name = { "restore", "-R", NULL }, .has_arg = IPSET_NO_ARG, .help = "\n" " Restore a saved state", }, { /* f[lush], --flush, -F */ .cmd = IPSET_CMD_FLUSH, - .name = { "flush", NULL }, + .name = { "flush", "-F", NULL }, .has_arg = IPSET_OPTIONAL_ARG, .help = "[SETNAME]\n" " Flush a named set or all sets", }, { /* ren[ame], --rename, e, -E */ .cmd = IPSET_CMD_RENAME, - .name = { "rename", "e" }, + .name = { "rename", "e", "-E" }, .has_arg = IPSET_MANDATORY_ARG2, .help = "FROM-SETNAME TO-SETNAME\n" " Rename two sets", }, { /* sw[ap], --swap, w, -W */ .cmd = IPSET_CMD_SWAP, - .name = { "swap", "w" }, + .name = { "swap", "w", "-W" }, .has_arg = IPSET_MANDATORY_ARG2, .help = "FROM-SETNAME TO-SETNAME\n" " Swap the contect of two existing sets", }, { /* h[elp, --help, -H */ .cmd = IPSET_CMD_HELP, - .name = { "help", NULL }, + .name = { "help", "-h", "-H" }, .has_arg = IPSET_OPTIONAL_ARG, .help = "[TYPENAME]\n" " Print help, and settype specific help", }, { /* v[ersion], --version, -V */ .cmd = IPSET_CMD_VERSION, - .name = { "version", NULL }, + .name = { "version", "-v", "-V" }, .has_arg = IPSET_NO_ARG, .help = "\n" " Print version information", @@ -128,30 +127,29 @@ const struct ipset_commands ipset_commands[] = { bool ipset_match_cmd(const char *arg, const char * const name[]) { - size_t len; + size_t len, skip = 0; + int i; assert(arg); assert(name && name[0]); - /* Ignore (two) leading dashes */ - if (arg[0] == '-') - arg++; - if (arg[0] == '-') - arg++; + /* Ignore two leading dashes */ + if (arg[0] == '-' && arg[1] == '-') + skip = 2; len = strlen(arg); - - if (len > strlen(name[0]) || !len) - return false; - else if (len > 1 && - ((strncmp(arg, name[0], len) == 0) || - (name[1] != NULL && (strncmp(arg, name[1], len) == 0)))) - return true; - else if (len != 1) + if (len <= skip) return false; - else - return tolower(arg[0]) == name[0][0] || - (name[1] != NULL && tolower(arg[0]) == name[1][0]); + + for (i = 0; i < IPSET_CMD_ALIASES && name[i] != NULL; i++) { + /* Old compatibility command flags */ + if (name[i][0] == '-' && STREQ(arg, name[i])) + return true; + /* New command name options */ + if (strncmp(arg + skip, name[i], len - skip) == 0) + return true; + } + return false; } /* Used up so far |