summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/expr/bitwise.c31
-rw-r--r--src/expr/byteorder.c35
-rw-r--r--src/expr/cmp.c21
-rw-r--r--src/expr/ct.c17
-rw-r--r--src/expr/exthdr.c18
-rw-r--r--src/expr/immediate.c18
-rw-r--r--src/expr/lookup.c37
-rw-r--r--src/expr/meta.c20
-rw-r--r--src/expr/nat.c66
-rw-r--r--src/expr/payload.c19
-rw-r--r--src/mxml.c22
11 files changed, 102 insertions, 202 deletions
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index 4b48392..6b534b4 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -204,38 +204,21 @@ nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
struct nft_expr_bitwise *bitwise = (struct nft_expr_bitwise *)e->data;
mxml_node_t *node = NULL;
mxml_node_t *save = NULL;
- uint64_t tmp;
+ int32_t reg;
union nft_data_reg data_regtmp;
- char *endptr = NULL;
- /* get and set <sreg> */
- node = mxmlFindElement(tree, tree, "sreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node == NULL)
- return -1;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
+ reg = nft_mxml_reg_parse(tree, "sreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
return -1;
- bitwise->sreg = (uint32_t)tmp;
+ bitwise->sreg = reg;
e->flags |= (1 << NFT_EXPR_BITWISE_SREG);
- /* get and set <dreg> */
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL, MXML_DESCEND);
- if (node == NULL)
- return -1;
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND);
+ if (reg < 0)
return -1;
- bitwise->dreg = (uint32_t)tmp;
+ bitwise->dreg = reg;
e->flags |= (1 << NFT_EXPR_BITWISE_DREG);
/* Get and set <mask> */
diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c
index e1a98e9..8813546 100644
--- a/src/expr/byteorder.c
+++ b/src/expr/byteorder.c
@@ -205,38 +205,25 @@ static int
nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
{
#ifdef XML_PARSING
- struct nft_expr_byteorder *byteorder = (struct nft_expr_byteorder *)e;
+ struct nft_expr_byteorder *byteorder =
+ (struct nft_expr_byteorder *)e->data;
mxml_node_t *node = NULL;
uint64_t tmp;
char *endptr = NULL;
+ int32_t reg;
- node = mxmlFindElement(tree, tree, "sreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node == NULL)
- goto err;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- goto err;
-
- if (tmp > NFT_REG_MAX)
- goto err;
+ reg = nft_mxml_reg_parse(tree, "sreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
+ return -1;
- byteorder->sreg = tmp;
+ byteorder->sreg = reg;
e->flags |= (1 << NFT_EXPR_BYTEORDER_SREG);
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL, MXML_DESCEND);
- if (node == NULL)
- goto err;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- goto err;
-
- if (tmp > NFT_REG_MAX)
- goto err;
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND);
+ if (reg < 0)
+ return -1;
- byteorder->dreg = tmp;
+ byteorder->dreg = reg;
e->flags |= (1 << NFT_EXPR_BYTEORDER_DREG);
node = mxmlFindElement(tree, tree, "op", NULL, NULL, MXML_DESCEND);
diff --git a/src/expr/cmp.c b/src/expr/cmp.c
index ca8dd82..f3a363a 100644
--- a/src/expr/cmp.c
+++ b/src/expr/cmp.c
@@ -175,23 +175,14 @@ static int nft_rule_expr_cmp_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
mxml_node_t *node = NULL;
mxml_node_t *save = NULL;
union nft_data_reg data_regtmp;
- uint64_t tmp;
- char *endptr;
+ int32_t reg;
- /* Get and set <sreg>. Is not mandatory */
- node = mxmlFindElement(tree, tree, "sreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT8_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "sreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
+ return -1;
- cmp->sreg = (uint8_t)tmp;
- e->flags |= (1 << NFT_EXPR_CMP_SREG);
- }
+ cmp->sreg = reg;
+ e->flags |= (1 << NFT_EXPR_CMP_SREG);
/* Get and set <op>. Is not mandatory*/
node = mxmlFindElement(tree, tree, "op", NULL, NULL, MXML_DESCEND);
diff --git a/src/expr/ct.c b/src/expr/ct.c
index 13da036..be23e80 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -198,22 +198,15 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree
struct nft_expr_ct *ct = (struct nft_expr_ct *)e->data;
mxml_node_t *node = NULL;
uint64_t tmp;
+ int32_t reg;
char *endptr;
int key;
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node == NULL)
- goto err;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT8_MAX || tmp < 0 || *endptr)
- goto err;
-
- if (tmp > NFT_REG_MAX)
- goto err;
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
+ return -1;
- ct->dreg = tmp;
+ ct->dreg = reg;
e->flags |= (1 << NFT_EXPR_CT_DREG);
node = mxmlFindElement(tree, tree, "key", NULL, NULL, MXML_DESCEND);
diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c
index e7f4fab..6055067 100644
--- a/src/expr/exthdr.c
+++ b/src/expr/exthdr.c
@@ -219,24 +219,14 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
mxml_node_t *node = NULL;
uint64_t tmp;
char *endptr;
+ int32_t reg;
int type;
- /* All nodes are mandatory */
-
- /* Get and set <dreg> */
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node == NULL)
- return -1;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
return -1;
- exthdr->dreg = tmp;
+ exthdr->dreg = reg;
e->flags |= (1 << NFT_EXPR_EXTHDR_DREG);
/* Get and set <exthdr_type> */
diff --git a/src/expr/immediate.c b/src/expr/immediate.c
index b196ed2..8f57649 100644
--- a/src/expr/immediate.c
+++ b/src/expr/immediate.c
@@ -203,23 +203,13 @@ nft_rule_expr_immediate_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
mxml_node_t *node = NULL;
mxml_node_t *save = NULL;
union nft_data_reg data_regtmp;
- uint64_t tmp;
- char *endptr;
+ int32_t reg;
- /* Get and set <dreg>. Is mandatory */
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node == NULL)
- return -1;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
return -1;
- imm->dreg = (uint32_t)tmp;
+ imm->dreg = reg;
e->flags |= (1 << NFT_EXPR_IMM_DREG);
/* Get and set <immdata>. Is mandatory */
diff --git a/src/expr/lookup.c b/src/expr/lookup.c
index ca10cab..e083372 100644
--- a/src/expr/lookup.c
+++ b/src/expr/lookup.c
@@ -158,8 +158,7 @@ nft_rule_expr_lookup_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
#ifdef XML_PARSING
struct nft_expr_lookup *lookup = (struct nft_expr_lookup *)e->data;
mxml_node_t *node = NULL;
- uint64_t tmp;
- char *endptr;
+ int32_t reg;
/* get and set <set>. Is mandatory */
node = mxmlFindElement(tree, tree, "set", NULL, NULL,
@@ -171,38 +170,20 @@ nft_rule_expr_lookup_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
lookup->set_name[IFNAMSIZ-1] = '\0';
e->flags |= (1 << NFT_EXPR_LOOKUP_SET);
- /* get and set <sreg>. Is mandatory */
- node = mxmlFindElement(tree, tree, "sreg", NULL, NULL,
- MXML_DESCEND);
- if (node == NULL)
+ reg = nft_mxml_reg_parse(tree, "sreg", MXML_DESCEND);
+ if (reg < 0)
return -1;
- errno = 0;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
- return -1;
-
- lookup->sreg = (uint32_t)tmp;
+ lookup->sreg = reg;
e->flags |= (1 << NFT_EXPR_LOOKUP_SREG);
- /* get and set <dreg>. Isn't mandatory */
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL,
- MXML_DESCEND);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND);
+ if (reg < 0)
+ return -1;
- if (tmp > NFT_REG_MAX)
- return -1;
+ lookup->dreg = reg;
+ e->flags |= (1 << NFT_EXPR_LOOKUP_DREG);
- lookup->dreg = (uint32_t)tmp;
- e->flags |= (1 << NFT_EXPR_LOOKUP_DREG);
- }
return 0;
#else
errno = EOPNOTSUPP;
diff --git a/src/expr/meta.c b/src/expr/meta.c
index 46a863a..b1d978b 100644
--- a/src/expr/meta.c
+++ b/src/expr/meta.c
@@ -174,24 +174,14 @@ static int nft_rule_expr_meta_xml_parse(struct nft_rule_expr *e, mxml_node_t *tr
#ifdef XML_PARSING
struct nft_expr_meta *meta = (struct nft_expr_meta *)e->data;
mxml_node_t *node = NULL;
- uint64_t tmp;
- char *endptr;
+ int32_t reg;
int key;
- /* Get and set <dreg>. Is mandatory */
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node == NULL)
- return -1;
-
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT8_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
+ return -1;
- meta->dreg = (uint8_t)tmp;
+ meta->dreg = reg;
e->flags |= (1 << NFT_EXPR_META_DREG);
/* Get and set <key>. Is mandatory */
diff --git a/src/expr/nat.c b/src/expr/nat.c
index 05d2e74..32be564 100644
--- a/src/expr/nat.c
+++ b/src/expr/nat.c
@@ -209,9 +209,8 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
{
#ifdef XML_PARSING
struct nft_expr_nat *nat = (struct nft_expr_nat *)e->data;
- mxml_node_t *node = NULL;
- uint64_t tmp;
- char *endptr;
+ mxml_node_t *node;
+ int32_t reg;
int family;
/* Get and set <nat_type>. Mandatory */
@@ -242,53 +241,34 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tre
nat->family = family;
e->flags |= (1 << NFT_EXPR_NAT_FAMILY);
- /* Get and set <sreg_addr_min>. Not mandatory */
- node = mxmlFindElement(tree, tree, "sreg_addr_min", NULL, NULL,
- MXML_DESCEND);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "sreg_addr_min", MXML_DESCEND);
+ if (reg < 0)
+ return -1;
- nat->sreg_addr_min = (uint32_t)tmp;
- e->flags |= (1 << NFT_EXPR_NAT_REG_ADDR_MIN);
- }
+ nat->sreg_addr_min = reg;
+ e->flags |= (1 << NFT_EXPR_NAT_REG_ADDR_MIN);
- /* Get and set <sreg_addr_max>. Not mandatory */
- node = mxmlFindElement(tree, tree, "sreg_addr_max", NULL, NULL,
- MXML_DESCEND);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "sreg_addr_max", MXML_DESCEND);
+ if (reg < 0)
+ return -1;
- nat->sreg_addr_max = (uint32_t)tmp;
- e->flags |= (1 << NFT_EXPR_NAT_REG_ADDR_MAX);
- }
+ nat->sreg_addr_max = reg;
+ e->flags |= (1 << NFT_EXPR_NAT_REG_ADDR_MAX);
- /* Get and set <sreg_proto_min>. Not mandatory */
- node = mxmlFindElement(tree, tree, "sreg_proto_min", NULL, NULL,
- MXML_DESCEND);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "sreg_proto_min", MXML_DESCEND);
+ if (reg < 0)
+ return -1;
- nat->sreg_proto_min = (uint32_t)tmp;
- e->flags |= (1 << NFT_EXPR_NAT_REG_PROTO_MIN);
- }
+ nat->sreg_proto_min = reg;
+ e->flags |= (1 << NFT_EXPR_NAT_REG_PROTO_MIN);
- /* Get and set <sreg_proto_max>. Not mandatory */
- node = mxmlFindElement(tree, tree, "sreg_proto_max", NULL, NULL,
- MXML_DESCEND);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "sreg_proto_max", MXML_DESCEND);
+ if (reg < 0)
+ return -1;
+
+ nat->sreg_proto_max = reg;
+ e->flags |= (1 << NFT_EXPR_NAT_REG_PROTO_MAX);
- nat->sreg_proto_max = (uint32_t)tmp;
- e->flags |= (1 << NFT_EXPR_NAT_REG_PROTO_MAX);
- }
return 0;
#else
errno = EOPNOTSUPP;
diff --git a/src/expr/payload.c b/src/expr/payload.c
index 8866755..7d6fb6d 100644
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -203,22 +203,15 @@ nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree)
struct nft_expr_payload *payload = (struct nft_expr_payload *)e->data;
mxml_node_t *node = NULL;
uint64_t tmp;
+ int32_t reg;
char *endptr;
- /* Get and set <dreg>. Not mandatory */
- node = mxmlFindElement(tree, tree, "dreg", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr)
- return -1;
-
- if (tmp > NFT_REG_MAX)
- return -1;
+ reg = nft_mxml_reg_parse(tree, "dreg", MXML_DESCEND_FIRST);
+ if (reg < 0)
+ return -1;
- payload->dreg = (uint32_t)tmp;
- e->flags |= (1 << NFT_EXPR_PAYLOAD_DREG);
- }
+ payload->dreg = reg;
+ e->flags |= (1 << NFT_EXPR_PAYLOAD_DREG);
/* Get and set <base>. Not mandatory */
node = mxmlFindElement(tree, tree, "base", NULL, NULL, MXML_DESCEND);
diff --git a/src/mxml.c b/src/mxml.c
index 76fb05f..4d81bf4 100644
--- a/src/mxml.c
+++ b/src/mxml.c
@@ -53,3 +53,25 @@ err:
errno = EINVAL;
return NULL;
}
+
+int nft_mxml_reg_parse(mxml_node_t *tree, const char *reg_name, uint32_t flags)
+{
+ mxml_node_t *node;
+ char *endptr;
+ uint64_t val;
+
+ node = mxmlFindElement(tree, tree, reg_name, NULL, NULL, flags);
+ if (node == NULL) {
+ errno = EINVAL;
+ goto err;
+ }
+
+ val = strtoull(node->child->value.opaque, &endptr, 10);
+ if (val > NFT_REG_MAX || val < 0 || *endptr) {
+ errno = ERANGE;
+ goto err;
+ }
+ return val;
+err:
+ return -1;
+}