From 516600858cb54906fb728d04e5edf1131ee7b3b2 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Tue, 10 Apr 2018 20:48:35 +0200 Subject: Fix parsing service names for ports Parsing is attempted both for numbers and service names and the temporary stored error message triggered to reset the state parameters about the set. Reported by Yuri D'Elia. --- lib/libipset.map | 5 +++++ lib/parse.c | 22 ++++++++++++---------- lib/session.c | 15 +++++++++++++++ 3 files changed, 32 insertions(+), 10 deletions(-) (limited to 'lib') diff --git a/lib/libipset.map b/lib/libipset.map index a2e9bd3..475fae5 100644 --- a/lib/libipset.map +++ b/lib/libipset.map @@ -168,3 +168,8 @@ LIBIPSET_4.6 { global: ipset_keyword; } LIBIPSET_4.5; + +LIBIPSET_4.7 { +global: + ipset_session_warning_as_error; +} LIBIPSET_4.6; diff --git a/lib/parse.c b/lib/parse.c index bc8e777..7cd6436 100644 --- a/lib/parse.c +++ b/lib/parse.c @@ -292,7 +292,8 @@ parse_portname(struct ipset_session *session, const char *str, error: free(saved); - return syntax_err("cannot parse '%s' as a %s port", str, proto); + return ipset_warn(session, "cannot parse '%s' as a %s port", + str, proto); } /** @@ -313,21 +314,22 @@ ipset_parse_port(struct ipset_session *session, const char *proto) { uint16_t port; - int err; assert(session); assert(opt == IPSET_OPT_PORT || opt == IPSET_OPT_PORT_TO); assert(str); - if ((err = string_to_u16(session, str, &port)) == 0 || - (err = parse_portname(session, str, &port, proto)) == 0) - err = ipset_session_data_set(session, opt, &port); - - if (!err) - /* No error, so reset false error messages! */ + if (parse_portname(session, str, &port, proto) == 0) { + return ipset_session_data_set(session, opt, &port); + } + /* Error is stored as warning in session report */ + if (string_to_u16(session, str, &port) == 0) { + /* No error, so reset false error messages */ ipset_session_report_reset(session); - - return err; + return ipset_session_data_set(session, opt, &port); + } + /* Restore warning as error */ + return ipset_session_warning_as_error(session); } /** diff --git a/lib/session.c b/lib/session.c index b1c5f5e..ca96aaa 100644 --- a/lib/session.c +++ b/lib/session.c @@ -239,6 +239,21 @@ ipset_session_report(struct ipset_session *session, return -1; } +/** + * ipset_session_warning_as_error - set warning as error + * @session: session structrure + * + * Returns -1. + */ +int +ipset_session_warning_as_error(struct ipset_session *session) +{ + session->errmsg = session->report; + session->warnmsg = NULL; + ipset_data_reset(ipset_session_data(session)); + return -1; +} + /** * ipset_session_reset - reset the report buffer * @session: session structure -- cgit v1.2.3