From 8da04ffdca1931402a6bc22c43c1a2fa1c6f1e14 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 19 Sep 2018 15:16:59 +0200 Subject: Share print_ipv{4,6}_addr() from xtables These functions contain code which occurs in legacy's print_firewall() functions, so use them there. Rename them to at least make clear they print more than a single address. Also introduce ipv{4,6}_addr_to_string() which take care of converting an address/netmask pair into string representation in a way which doesn't upset covscan (since that didn't detect that 'buf' may not be exceeded by the strings written into it. Signed-off-by: Phil Sutter Signed-off-by: Florian Westphal --- iptables/iptables.c | 25 +------------------------ 1 file changed, 1 insertion(+), 24 deletions(-) (limited to 'iptables/iptables.c') diff --git a/iptables/iptables.c b/iptables/iptables.c index 428fae4e..31cb97b2 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -535,7 +535,6 @@ print_firewall(const struct ipt_entry *fw, struct xtables_target *target, *tg; const struct xt_entry_target *t; uint8_t flags; - char buf[BUFSIZ]; if (!iptc_is_chain(targname, handle)) target = xtables_find_target(targname, XTF_TRY_LOAD); @@ -604,29 +603,7 @@ print_firewall(const struct ipt_entry *fw, printf(FMT("%-6s ","out %s "), iface); } - fputc(fw->ip.invflags & IPT_INV_SRCIP ? '!' : ' ', stdout); - if (fw->ip.smsk.s_addr == 0L && !(format & FMT_NUMERIC)) - printf(FMT("%-19s ","%s "), "anywhere"); - else { - if (format & FMT_NUMERIC) - strcpy(buf, xtables_ipaddr_to_numeric(&fw->ip.src)); - else - strcpy(buf, xtables_ipaddr_to_anyname(&fw->ip.src)); - strcat(buf, xtables_ipmask_to_numeric(&fw->ip.smsk)); - printf(FMT("%-19s ","%s "), buf); - } - - fputc(fw->ip.invflags & IPT_INV_DSTIP ? '!' : ' ', stdout); - if (fw->ip.dmsk.s_addr == 0L && !(format & FMT_NUMERIC)) - printf(FMT("%-19s ","-> %s"), "anywhere"); - else { - if (format & FMT_NUMERIC) - strcpy(buf, xtables_ipaddr_to_numeric(&fw->ip.dst)); - else - strcpy(buf, xtables_ipaddr_to_anyname(&fw->ip.dst)); - strcat(buf, xtables_ipmask_to_numeric(&fw->ip.dmsk)); - printf(FMT("%-19s ","-> %s"), buf); - } + print_ipv4_addresses(fw, format); if (format & FMT_NOTABLE) fputs(" ", stdout); -- cgit v1.2.3