summaryrefslogtreecommitdiffstats
path: root/src/obj/quota.c
Commit message (Collapse)AuthorAgeFilesLines
* obj: Respect data_len when setting attributesPhil Sutter8 days1-3/+3
| | | | | | | | With attr_policy in place, data_len has an upper boundary. Use it for memcpy() calls to cover for caller passing data with lower size than the attribute's storage. Signed-off-by: Phil Sutter <phil@nwl.cc>
* obj: Introduce struct obj_ops::attr_policyPhil Sutter8 days1-0/+7
| | | | | | | | Just like with struct expr_ops::attr_policy, enable object types to inform about restrictions on attribute use. This way generic object code may perform sanity checks before dispatching to object ops. Signed-off-by: Phil Sutter <phil@nwl.cc>
* obj: Call obj_ops::set with legal attributes onlyPhil Sutter8 days1-2/+0
| | | | | | | | | | Refer to obj_ops::nftnl_max_attr field value for the maximum supported attribute value to reject invalid ones upfront. Consequently drop default cases from callbacks' switches which handle all supported attributes. Signed-off-by: Phil Sutter <phil@nwl.cc>
* obj: Repurpose struct obj_ops::max_attr fieldPhil Sutter8 days1-1/+1
| | | | | | | Just like with struct expr_ops::max_attr, make it hold the maximum object attribute (NFTNL_OBJ_*) value supported by this object type. Signed-off-by: Phil Sutter <phil@nwl.cc>
* build: fix clang+glibc snprintf substitution errorNicholas Vinson2022-06-151-1/+1
| | | | | | | | | | | | | | | | | | | | When building with clang and glibc and -D_FORTIFY_SOURCE=2 is passed to clang, the snprintf member of the expr_ops and obj_ops structures will be incorrectly replaced with __builtin_snprintf_chk() which results in "error: no member named '__builtin___snprintf_chk'" errors at build time. This patch changes the member name from 'snprintf' to 'output' to prevent the replacement. This bug can be emulated using GCC by undefining the __va_arg_pack macro before stdio.h is included. This patch is based on the notes provided in https://bugs.gentoo.org/807766. Signed-off-by: Nicholas Vinson <nvinson234@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de>
* obj: Drop type parameter from snprintf callbackPhil Sutter2021-03-151-20/+3
| | | | | | | Objects don't support any other output type than NFTNL_OUTPUT_DEFAULT, so just drop the parameter. Signed-off-by: Phil Sutter <phil@nwl.cc>
* src: Use memcpy() to handle potentially unaligned dataMatt Turner2018-10-191-3/+3
| | | | | | | | | | | | Rolf Eike Beer <eike@sf-mail.de> reported that nft-expr_quota-test fails with a SIGBUS on SPARC due to unaligned accesses. This patch resolves that and fixes additional sources of unaligned accesses matching the same pattern. Both nft-expr_quota-test and nft-expr_objref-test generated unaligned accesses on DEC Alpha. Bug: https://bugs.gentoo.org/666448 Signed-off-by: Matt Turner <mattst88@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: remove json supportPablo Neira Ayuso2018-10-151-43/+0
| | | | | | We have better json support in libnftables these days. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: Buffer is null terminated.Varsha Rao2017-09-271-0/+3
| | | | | | | In _snprintf() functions definition the buffer is null terminated. Signed-off-by: Varsha Rao <rvarsha016@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: support for stateful objectsPablo Neira Ayuso2016-12-091-0/+205
This patch allows you to add, to delete and to get stateful objects, this support two object types: counter and quota. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>