summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2016-06-10 14:13:00 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2016-06-15 12:12:38 +0200
commit844541f4c43c2469b9955b78480cbe36fde653d0 (patch)
tree0c5238784698f46c4166596b5487abace0646145 /src
parent396cdb2375af8c8b8884f5f50c773a39b29a06d7 (diff)
src: assert when setting unknown attributes
If this attribute is not supported by the library, we should rise an assertion so the client knows something is wrong, instead of silently going through. The only case I can think may hit this problem is version mismatch between library and tools. This should not ever really happen, so better bail out from the library itself in this case. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/chain.c4
-rw-r--r--src/gen.c4
-rw-r--r--src/rule.c4
-rw-r--r--src/set.c4
-rw-r--r--src/table.c4
-rw-r--r--src/utils.c8
6 files changed, 13 insertions, 15 deletions
diff --git a/src/chain.c b/src/chain.c
index 990c576..c7a9597 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -168,9 +168,7 @@ static uint32_t nftnl_chain_validate[NFTNL_CHAIN_MAX + 1] = {
void nftnl_chain_set_data(struct nftnl_chain *c, uint16_t attr,
const void *data, uint32_t data_len)
{
- if (attr > NFTNL_CHAIN_MAX)
- return;
-
+ nftnl_assert_attr_exists(attr, NFTNL_CHAIN_MAX);
nftnl_assert_validate(data, nftnl_chain_validate, attr, data_len);
switch(attr) {
diff --git a/src/gen.c b/src/gen.c
index 115a105..ea29e2a 100644
--- a/src/gen.c
+++ b/src/gen.c
@@ -67,9 +67,7 @@ static uint32_t nftnl_gen_validate[NFTNL_GEN_MAX + 1] = {
void nftnl_gen_set_data(struct nftnl_gen *gen, uint16_t attr,
const void *data, uint32_t data_len)
{
- if (attr > NFTNL_GEN_MAX)
- return;
-
+ nftnl_assert_attr_exists(attr, NFTNL_GEN_MAX);
nftnl_assert_validate(data, nftnl_gen_validate, attr, data_len);
switch (attr) {
diff --git a/src/rule.c b/src/rule.c
index 04cadae..e63c961 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -132,9 +132,7 @@ static uint32_t nftnl_rule_validate[NFTNL_RULE_MAX + 1] = {
void nftnl_rule_set_data(struct nftnl_rule *r, uint16_t attr,
const void *data, uint32_t data_len)
{
- if (attr > NFTNL_RULE_MAX)
- return;
-
+ nftnl_assert_attr_exists(attr, NFTNL_RULE_MAX);
nftnl_assert_validate(data, nftnl_rule_validate, attr, data_len);
switch(attr) {
diff --git a/src/set.c b/src/set.c
index dbea93b..d2467e4 100644
--- a/src/set.c
+++ b/src/set.c
@@ -116,9 +116,7 @@ static uint32_t nftnl_set_validate[NFTNL_SET_MAX + 1] = {
void nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data,
uint32_t data_len)
{
- if (attr > NFTNL_SET_MAX)
- return;
-
+ nftnl_assert_attr_exists(attr, NFTNL_SET_MAX);
nftnl_assert_validate(data, nftnl_set_validate, attr, data_len);
switch(attr) {
diff --git a/src/table.c b/src/table.c
index 42fe49f..7eefc70 100644
--- a/src/table.c
+++ b/src/table.c
@@ -87,9 +87,7 @@ static uint32_t nftnl_table_validate[NFTNL_TABLE_MAX + 1] = {
void nftnl_table_set_data(struct nftnl_table *t, uint16_t attr,
const void *data, uint32_t data_len)
{
- if (attr > NFTNL_TABLE_MAX)
- return;
-
+ nftnl_assert_attr_exists(attr, NFTNL_TABLE_MAX);
nftnl_assert_validate(data, nftnl_table_validate, attr, data_len);
switch (attr) {
diff --git a/src/utils.c b/src/utils.c
index 22710b9..e2715a2 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -269,6 +269,14 @@ out:
return ret;
}
+void __nftnl_assert_attr_exists(uint16_t attr, uint16_t attr_max,
+ const char *filename, int line)
+{
+ fprintf(stderr, "libnftnl: attribute %d > %d (maximum) assertion failed in %s:%d\n",
+ attr, attr_max, filename, line);
+ exit(EXIT_FAILURE);
+}
+
void __nftnl_assert_fail(uint16_t attr, const char *filename, int line)
{
fprintf(stderr, "libnftnl: attribute %d assertion failed in %s:%d\n",