src: xml: consolidate common XML code via nft_mxml_num_parse

This patch moves common XML parsing code to nft_mxml_num_parse().
To handle this, the nft_strtoi() helper fuction is included.

I've changed some MXML_DESCEND[_FIRST] flags to avoid match a nested node under
some circumstances, ie, matching two nodes with the same name that are descendant.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

7 files changed, 40 insertions, 118 deletions

diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index 84de249..f0a2eff 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -201,6 +201,12 @@ nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 	bitwise->dreg = reg;
 	e->flags |= (1 << NFT_EXPR_BITWISE_DREG);
 
+	if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST,
+			       BASE_DEC, &bitwise->len, NFT_TYPE_U8) != 0)
+		return -1;
+
+	e->flags |= (1 << NFT_EXPR_BITWISE_LEN);
+
 	if (nft_mxml_data_reg_parse(tree, "mask",
 				    &bitwise->mask) != DATA_VALUE)
 		return -1;
diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c
index e3b9a5e..a931ffa 100644
--- a/src/expr/byteorder.c
+++ b/src/expr/byteorder.c
@@ -187,8 +187,6 @@ nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 #ifdef XML_PARSING
 	struct nft_expr_byteorder *byteorder = nft_expr_data(e);
 	mxml_node_t *node = NULL;
-	uint64_t tmp;
-	char *endptr = NULL;
 	int32_t reg;
 
 	reg = nft_mxml_reg_parse(tree, "sreg", MXML_DESCEND_FIRST);
@@ -218,26 +216,16 @@ nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 
 	e->flags |= (1 << NFT_EXPR_BYTEORDER_OP);
 
-	node = mxmlFindElement(tree, tree, "len", NULL, NULL, MXML_DESCEND);
-	if (node == NULL)
-		goto err;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT8_MAX || tmp < 0 || *endptr)
+	if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
+			       &byteorder->len, NFT_TYPE_U8) != 0)
 		goto err;
 
-	byteorder->len = tmp;
 	e->flags |= (1 << NFT_EXPR_BYTEORDER_LEN);
 
-	node = mxmlFindElement(tree, tree, "size", NULL, NULL, MXML_DESCEND);
-	if (node == NULL)
-		goto err;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT8_MAX || tmp < 0 || *endptr)
+	if (nft_mxml_num_parse(tree, "size", MXML_DESCEND_FIRST, BASE_DEC,
+			       &byteorder->size, NFT_TYPE_U8) != 0)
 		goto err;
 
-	byteorder->size = tmp;
 	e->flags |= (1 << NFT_EXPR_BYTEORDER_SIZE);
 
 	return 0;
diff --git a/src/expr/ct.c b/src/expr/ct.c
index f399219..a0323e1 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -183,10 +183,9 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree
 #ifdef XML_PARSING
 	struct nft_expr_ct *ct = nft_expr_data(e);
 	mxml_node_t *node = NULL;
-	uint64_t tmp;
 	int32_t reg;
-	char *endptr;
 	int key;
+	uint8_t dir;
 
 	reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
 	if (reg < 0)
@@ -206,18 +205,14 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree
 	ct->key = key;
 	e->flags |= (1 << NFT_EXPR_CT_KEY);
 
-	node = mxmlFindElement(tree, tree, "dir", NULL, NULL, MXML_DESCEND);
-	if (node == NULL)
-		goto err;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT8_MAX || tmp < 0 || *endptr)
+	if (nft_mxml_num_parse(tree, "dir", MXML_DESCEND_FIRST, BASE_DEC, &dir,
+			       NFT_TYPE_U8) != 0)
 		goto err;
 
-	if (tmp != IP_CT_DIR_ORIGINAL && tmp != IP_CT_DIR_REPLY)
+	if (dir != IP_CT_DIR_ORIGINAL && dir != IP_CT_DIR_REPLY)
 		goto err;
 
-	ct->dir = tmp;
+	ct->dir = dir;
 	e->flags |= (1 << NFT_EXPR_CT_DIR);
 
 	return 0;
diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c
index 260ae59..b290b96 100644
--- a/src/expr/data_reg.c
+++ b/src/expr/data_reg.c
@@ -134,9 +134,6 @@ static int nft_data_reg_value_xml_parse(union nft_data_reg *reg, char *xml)
 	mxml_node_t *tree = NULL;
 	mxml_node_t *node = NULL;
 	int i;
-	int64_t tmp;
-	uint64_t utmp;
-	char *endptr;
 	char node_name[6];
 
 	tree = mxmlLoadString(NULL, xml, MXML_OPAQUE_CALLBACK);
@@ -172,38 +169,22 @@ static int nft_data_reg_value_xml_parse(union nft_data_reg *reg, char *xml)
 		return -1;
 	}
 
-	/* Get <len> */
-	node = mxmlFindElement(tree, tree, "len", NULL, NULL, MXML_DESCEND);
-	if (node == NULL) {
+	if (nft_mxml_num_parse(tree, "len", MXML_DESCEND, BASE_DEC, &reg->len,
+			       NFT_TYPE_U8) != 0) {
 		mxmlDelete(tree);
 		return -1;
 	}
 
-	tmp = strtoll(node->child->value.opaque, &endptr, 10);
-	if (tmp > INT64_MAX || tmp < 0 || *endptr) {
-		mxmlDelete(tree);
-		return -1;
-	}
-
-	reg->len = tmp;
-
 	/* Get and set <dataN> */
 	for (i = 0; i < div_round_up(reg->len, sizeof(uint32_t)); i++) {
 		sprintf(node_name, "data%d", i);
 
-		node = mxmlFindElement(tree, tree, node_name, NULL,
-				       NULL, MXML_DESCEND);
-		if (node == NULL) {
+		if (nft_mxml_num_parse(tree, node_name, MXML_DESCEND, BASE_HEX,
+				       &reg->val[i], NFT_TYPE_U32) != 0) {
 			mxmlDelete(tree);
 			return -1;
 		}
 
-		utmp = strtoull(node->child->value.opaque, &endptr, 16);
-		if (utmp == UINT64_MAX || utmp < 0 || *endptr) {
-			mxmlDelete(tree);
-			return -1;
-		}
-		reg->val[i] = utmp;
 	}
 
 	mxmlDelete(tree);
diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c
index 51e784e..769b53c 100644
--- a/src/expr/exthdr.c
+++ b/src/expr/exthdr.c
@@ -199,8 +199,6 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 #ifdef XML_PARSING
 	struct nft_expr_exthdr *exthdr = nft_expr_data(e);
 	mxml_node_t *node = NULL;
-	uint64_t tmp;
-	char *endptr;
 	int32_t reg;
 	int type;
 
@@ -225,28 +223,17 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
 	e->flags |= (1 << NFT_EXPR_EXTHDR_TYPE);
 
 	/* Get and set <offset> */
-	node = mxmlFindElement(tree, tree, "offset", NULL, NULL,
-			       MXML_DESCEND);
-	if (node == NULL)
-		return -1;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT_MAX || tmp < 0 || *endptr)
+	if (nft_mxml_num_parse(tree, "offset", MXML_DESCEND_FIRST, BASE_DEC,
+			       &exthdr->offset, NFT_TYPE_U32) != 0)
 		return -1;
 
-	exthdr->offset = tmp;
 	e->flags |= (1 << NFT_EXPR_EXTHDR_OFFSET);
 
 	/* Get and set <len> */
-	node = mxmlFindElement(tree, tree, "len", NULL, NULL, MXML_DESCEND);
-	if (node == NULL)
-		return -1;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT_MAX || tmp < 0 || *endptr)
+	if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
+			       &exthdr->len, NFT_TYPE_U32) != 0)
 		return -1;
 
-	exthdr->len = tmp;
 	e->flags |= (1 << NFT_EXPR_EXTHDR_LEN);
 
 	return 0;
diff --git a/src/expr/limit.c b/src/expr/limit.c
index 2ecf7cb..27f880c 100644
--- a/src/expr/limit.c
+++ b/src/expr/limit.c
@@ -122,32 +122,17 @@ static int nft_rule_expr_limit_xml_parse(struct nft_rule_expr *e, mxml_node_t *t
 {
 #ifdef XML_PARSING
 	struct nft_expr_limit *limit = nft_expr_data(e);
-	mxml_node_t *node = NULL;
-	uint64_t tmp;
-	char *endptr;
 
-	node = mxmlFindElement(tree, tree, "rate", NULL, NULL,
-			       MXML_DESCEND_FIRST);
-	if (node == NULL)
+	if (nft_mxml_num_parse(tree, "rate", MXML_DESCEND_FIRST, BASE_DEC,
+			       &limit->rate, NFT_TYPE_U64) != 0)
 		goto err;
 
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT64_MAX || tmp < 0 || *endptr)
-		goto err;
-
-	limit->rate = tmp;
 	e->flags |= (1 << NFT_EXPR_LIMIT_RATE);
 
-	node = mxmlFindElement(tree, tree, "depth", NULL, NULL,
-			       MXML_DESCEND);
-	if (node == NULL)
-		goto err;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT64_MAX || tmp < 0 || *endptr)
+	if (nft_mxml_num_parse(tree, "depth", MXML_DESCEND_FIRST, BASE_DEC,
+			       &limit->rate, NFT_TYPE_U64) != 0)
 		goto err;
 
-	limit->depth = tmp;
 	e->flags |= (1 << NFT_EXPR_LIMIT_DEPTH);
 
 	return 0;
diff --git a/src/expr/log.c b/src/expr/log.c
index 1ffd1d9..9ff2d32 100644
--- a/src/expr/log.c
+++ b/src/expr/log.c
@@ -157,56 +157,36 @@ static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
 #ifdef XML_PARSING
 	struct nft_expr_log *log = nft_expr_data(e);
 	mxml_node_t *node = NULL;
-	uint64_t tmp;
-	char *endptr;
 
 	node = mxmlFindElement(tree, tree, "prefix", NULL, NULL,
 			       MXML_DESCEND_FIRST);
-	if (node == NULL)
-		goto err;
+	if (node == NULL) {
+		errno = EINVAL;
+		return -1;
+	}
 
 	log->prefix = strdup(node->child->value.opaque);
 	e->flags |= (1 << NFT_EXPR_LOG_PREFIX);
 
-	node = mxmlFindElement(tree, tree, "group", NULL, NULL, MXML_DESCEND);
-	if (node == NULL)
-		goto err;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT32_MAX || tmp < 0 || *endptr)
-		goto err;
+	if (nft_mxml_num_parse(tree, "group", MXML_DESCEND_FIRST, BASE_DEC,
+			       &log->group, NFT_TYPE_U32) != 0)
+		return -1;
 
-	log->group = tmp;
 	e->flags |= (1 << NFT_EXPR_LOG_GROUP);
 
-	node = mxmlFindElement(tree, tree, "snaplen", NULL, NULL,
-			       MXML_DESCEND);
-	if (node == NULL)
-		goto err;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT32_MAX || tmp < 0 || *endptr)
-		goto err;
+	if (nft_mxml_num_parse(tree, "snaplen", MXML_DESCEND_FIRST, BASE_DEC,
+			       &log->snaplen, NFT_TYPE_U32) != 0)
+		return -1;
 
-	log->snaplen = tmp;
 	e->flags |= (1 << NFT_EXPR_LOG_SNAPLEN);
 
-	node = mxmlFindElement(tree, tree, "qthreshold", NULL, NULL,
-			       MXML_DESCEND);
-	if (node == NULL)
-		goto err;
-
-	tmp = strtoull(node->child->value.opaque, &endptr, 10);
-	if (tmp > UINT32_MAX || tmp < 0 || *endptr)
-		goto err;
+	if (nft_mxml_num_parse(tree, "qthreshold", MXML_DESCEND_FIRST,
+			       BASE_DEC, &log->qthreshold, NFT_TYPE_U32) != 0)
+		return -1;
 
-	log->qthreshold = tmp;
 	e->flags |= (1 << NFT_EXPR_LOG_QTHRESHOLD);
 
 	return 0;
-err:
-	errno = EINVAL;
-	return -1;
 #else
 	errno = EOPNOTSUPP;
 	return -1;