From 8f4de3888ce74607d4754fe5a1a8f470af409c09 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Fri, 10 Jun 2016 14:30:56 +0200 Subject: src: return value on setters that internally allocate memory So the client can bail out of memory allocation errors. Or in case of daemon, make sure things are left in consistent state before bailing out. Signed-off-by: Pablo Neira Ayuso --- src/chain.c | 15 +++++++++++---- src/expr.c | 15 +++++++-------- src/gen.c | 9 +++++---- src/rule.c | 19 ++++++++++++------- src/set.c | 17 +++++++++++------ src/set_elem.c | 13 ++++++------- src/table.c | 11 +++++++---- 7 files changed, 59 insertions(+), 40 deletions(-) (limited to 'src') diff --git a/src/chain.c b/src/chain.c index c7a9597..46c5cd8 100644 --- a/src/chain.c +++ b/src/chain.c @@ -165,8 +165,8 @@ static uint32_t nftnl_chain_validate[NFTNL_CHAIN_MAX + 1] = { [NFTNL_CHAIN_FAMILY] = sizeof(uint32_t), }; -void nftnl_chain_set_data(struct nftnl_chain *c, uint16_t attr, - const void *data, uint32_t data_len) +int nftnl_chain_set_data(struct nftnl_chain *c, uint16_t attr, + const void *data, uint32_t data_len) { nftnl_assert_attr_exists(attr, NFTNL_CHAIN_MAX); nftnl_assert_validate(data, nftnl_chain_validate, attr, data_len); @@ -180,6 +180,8 @@ void nftnl_chain_set_data(struct nftnl_chain *c, uint16_t attr, xfree(c->table); c->table = strdup(data); + if (!c->table) + return -1; break; case NFTNL_CHAIN_HOOKNUM: memcpy(&c->hooknum, data, sizeof(c->hooknum)); @@ -210,15 +212,20 @@ void nftnl_chain_set_data(struct nftnl_chain *c, uint16_t attr, xfree(c->type); c->type = strdup(data); + if (!c->type) + return -1; break; case NFTNL_CHAIN_DEV: if (c->dev) xfree(c->dev); c->dev = strdup(data); + if (!c->type) + return -1; break; } c->flags |= (1 << attr); + return 0; } EXPORT_SYMBOL_ALIAS(nftnl_chain_set_data, nft_chain_attr_set_data); @@ -252,9 +259,9 @@ void nftnl_chain_set_u8(struct nftnl_chain *c, uint16_t attr, uint8_t data) } EXPORT_SYMBOL_ALIAS(nftnl_chain_set_u8, nft_chain_attr_set_u8); -void nftnl_chain_set_str(struct nftnl_chain *c, uint16_t attr, const char *str) +int nftnl_chain_set_str(struct nftnl_chain *c, uint16_t attr, const char *str) { - nftnl_chain_set_data(c, attr, str, strlen(str)); + return nftnl_chain_set_data(c, attr, str, strlen(str)); } EXPORT_SYMBOL_ALIAS(nftnl_chain_set_str, nft_chain_attr_set_str); diff --git a/src/expr.c b/src/expr.c index ed07dc4..f802725 100644 --- a/src/expr.c +++ b/src/expr.c @@ -60,18 +60,18 @@ bool nftnl_expr_is_set(const struct nftnl_expr *expr, uint16_t type) } EXPORT_SYMBOL_ALIAS(nftnl_expr_is_set, nft_rule_expr_is_set); -void -nftnl_expr_set(struct nftnl_expr *expr, uint16_t type, - const void *data, uint32_t data_len) +int nftnl_expr_set(struct nftnl_expr *expr, uint16_t type, + const void *data, uint32_t data_len) { switch(type) { case NFTNL_EXPR_NAME: /* cannot be modified */ - return; + return 0; default: if (expr->ops->set(expr, type, data, data_len) < 0) - return; + return -1; } expr->flags |= (1 << type); + return 0; } EXPORT_SYMBOL_ALIAS(nftnl_expr_set, nft_rule_expr_set); @@ -103,10 +103,9 @@ nftnl_expr_set_u64(struct nftnl_expr *expr, uint16_t type, uint64_t data) } EXPORT_SYMBOL_ALIAS(nftnl_expr_set_u64, nft_rule_expr_set_u64); -void -nftnl_expr_set_str(struct nftnl_expr *expr, uint16_t type, const char *str) +int nftnl_expr_set_str(struct nftnl_expr *expr, uint16_t type, const char *str) { - nftnl_expr_set(expr, type, str, strlen(str)+1); + return nftnl_expr_set(expr, type, str, strlen(str) + 1); } EXPORT_SYMBOL_ALIAS(nftnl_expr_set_str, nft_rule_expr_set_str); diff --git a/src/gen.c b/src/gen.c index ea29e2a..37a9049 100644 --- a/src/gen.c +++ b/src/gen.c @@ -64,8 +64,8 @@ static uint32_t nftnl_gen_validate[NFTNL_GEN_MAX + 1] = { [NFTNL_GEN_ID] = sizeof(uint32_t), }; -void nftnl_gen_set_data(struct nftnl_gen *gen, uint16_t attr, - const void *data, uint32_t data_len) +int nftnl_gen_set_data(struct nftnl_gen *gen, uint16_t attr, + const void *data, uint32_t data_len) { nftnl_assert_attr_exists(attr, NFTNL_GEN_MAX); nftnl_assert_validate(data, nftnl_gen_validate, attr, data_len); @@ -76,12 +76,13 @@ void nftnl_gen_set_data(struct nftnl_gen *gen, uint16_t attr, break; } gen->flags |= (1 << attr); + return 0; } EXPORT_SYMBOL_ALIAS(nftnl_gen_set_data, nft_gen_attr_set_data); -void nftnl_gen_set(struct nftnl_gen *gen, uint16_t attr, const void *data) +int nftnl_gen_set(struct nftnl_gen *gen, uint16_t attr, const void *data) { - nftnl_gen_set_data(gen, attr, data, nftnl_gen_validate[attr]); + return nftnl_gen_set_data(gen, attr, data, nftnl_gen_validate[attr]); } EXPORT_SYMBOL_ALIAS(nftnl_gen_set, nft_gen_attr_set); diff --git a/src/rule.c b/src/rule.c index e63c961..80393c5 100644 --- a/src/rule.c +++ b/src/rule.c @@ -129,8 +129,8 @@ static uint32_t nftnl_rule_validate[NFTNL_RULE_MAX + 1] = { [NFTNL_RULE_POSITION] = sizeof(uint64_t), }; -void nftnl_rule_set_data(struct nftnl_rule *r, uint16_t attr, - const void *data, uint32_t data_len) +int nftnl_rule_set_data(struct nftnl_rule *r, uint16_t attr, + const void *data, uint32_t data_len) { nftnl_assert_attr_exists(attr, NFTNL_RULE_MAX); nftnl_assert_validate(data, nftnl_rule_validate, attr, data_len); @@ -141,12 +141,16 @@ void nftnl_rule_set_data(struct nftnl_rule *r, uint16_t attr, xfree(r->table); r->table = strdup(data); + if (!r->table) + return -1; break; case NFTNL_RULE_CHAIN: if (r->chain) xfree(r->chain); r->chain = strdup(data); + if (!r->chain) + return -1; break; case NFTNL_RULE_HANDLE: r->handle = *((uint64_t *)data); @@ -169,19 +173,20 @@ void nftnl_rule_set_data(struct nftnl_rule *r, uint16_t attr, r->user.data = malloc(data_len); if (!r->user.data) - return; + return -1; memcpy(r->user.data, data, data_len); r->user.len = data_len; break; } r->flags |= (1 << attr); + return 0; } EXPORT_SYMBOL_ALIAS(nftnl_rule_set_data, nft_rule_attr_set_data); -void nftnl_rule_set(struct nftnl_rule *r, uint16_t attr, const void *data) +int nftnl_rule_set(struct nftnl_rule *r, uint16_t attr, const void *data) { - nftnl_rule_set_data(r, attr, data, nftnl_rule_validate[attr]); + return nftnl_rule_set_data(r, attr, data, nftnl_rule_validate[attr]); } EXPORT_SYMBOL_ALIAS(nftnl_rule_set, nft_rule_attr_set); @@ -197,9 +202,9 @@ void nftnl_rule_set_u64(struct nftnl_rule *r, uint16_t attr, uint64_t val) } EXPORT_SYMBOL_ALIAS(nftnl_rule_set_u64, nft_rule_attr_set_u64); -void nftnl_rule_set_str(struct nftnl_rule *r, uint16_t attr, const char *str) +int nftnl_rule_set_str(struct nftnl_rule *r, uint16_t attr, const char *str) { - nftnl_rule_set_data(r, attr, str, strlen(str)); + return nftnl_rule_set_data(r, attr, str, strlen(str)); } EXPORT_SYMBOL_ALIAS(nftnl_rule_set_str, nft_rule_attr_set_str); diff --git a/src/set.c b/src/set.c index d2467e4..02d0890 100644 --- a/src/set.c +++ b/src/set.c @@ -113,8 +113,8 @@ static uint32_t nftnl_set_validate[NFTNL_SET_MAX + 1] = { [NFTNL_SET_GC_INTERVAL] = sizeof(uint32_t), }; -void nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data, - uint32_t data_len) +int nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data, + uint32_t data_len) { nftnl_assert_attr_exists(attr, NFTNL_SET_MAX); nftnl_assert_validate(data, nftnl_set_validate, attr, data_len); @@ -125,12 +125,16 @@ void nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data, xfree(s->table); s->table = strdup(data); + if (!s->table) + return -1; break; case NFTNL_SET_NAME: if (s->name) xfree(s->name); s->name = strdup(data); + if (!s->name) + return -1; break; case NFTNL_SET_FLAGS: s->set_flags = *((uint32_t *)data); @@ -167,12 +171,13 @@ void nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data, break; } s->flags |= (1 << attr); + return 0; } EXPORT_SYMBOL_ALIAS(nftnl_set_set_data, nft_set_attr_set_data); -void nftnl_set_set(struct nftnl_set *s, uint16_t attr, const void *data) +int nftnl_set_set(struct nftnl_set *s, uint16_t attr, const void *data) { - nftnl_set_set_data(s, attr, data, nftnl_set_validate[attr]); + return nftnl_set_set_data(s, attr, data, nftnl_set_validate[attr]); } EXPORT_SYMBOL_ALIAS(nftnl_set_set, nft_set_attr_set); @@ -188,9 +193,9 @@ void nftnl_set_set_u64(struct nftnl_set *s, uint16_t attr, uint64_t val) } EXPORT_SYMBOL_ALIAS(nftnl_set_set_u64, nft_set_attr_set_u64); -void nftnl_set_set_str(struct nftnl_set *s, uint16_t attr, const char *str) +int nftnl_set_set_str(struct nftnl_set *s, uint16_t attr, const char *str) { - nftnl_set_set(s, attr, str); + return nftnl_set_set(s, attr, str); } EXPORT_SYMBOL_ALIAS(nftnl_set_set_str, nft_set_attr_set_str); diff --git a/src/set_elem.c b/src/set_elem.c index 36289e5..7e3a995 100644 --- a/src/set_elem.c +++ b/src/set_elem.c @@ -99,8 +99,8 @@ void nftnl_set_elem_unset(struct nftnl_set_elem *s, uint16_t attr) } EXPORT_SYMBOL_ALIAS(nftnl_set_elem_unset, nft_set_elem_attr_unset); -void nftnl_set_elem_set(struct nftnl_set_elem *s, uint16_t attr, - const void *data, uint32_t data_len) +int nftnl_set_elem_set(struct nftnl_set_elem *s, uint16_t attr, + const void *data, uint32_t data_len) { switch(attr) { case NFTNL_SET_ELEM_FLAGS: @@ -132,14 +132,13 @@ void nftnl_set_elem_set(struct nftnl_set_elem *s, uint16_t attr, s->user.data = malloc(data_len); if (!s->user.data) - return; + return -1; memcpy(s->user.data, data, data_len); s->user.len = data_len; break; - default: - return; } s->flags |= (1 << attr); + return -1; } EXPORT_SYMBOL_ALIAS(nftnl_set_elem_set, nft_set_elem_attr_set); @@ -155,9 +154,9 @@ void nftnl_set_elem_set_u64(struct nftnl_set_elem *s, uint16_t attr, uint64_t va } EXPORT_SYMBOL_ALIAS(nftnl_set_elem_set_u64, nft_set_elem_attr_set_u64); -void nftnl_set_elem_set_str(struct nftnl_set_elem *s, uint16_t attr, const char *str) +int nftnl_set_elem_set_str(struct nftnl_set_elem *s, uint16_t attr, const char *str) { - nftnl_set_elem_set(s, attr, str, strlen(str)); + return nftnl_set_elem_set(s, attr, str, strlen(str)); } EXPORT_SYMBOL_ALIAS(nftnl_set_elem_set_str, nft_set_elem_attr_set_str); diff --git a/src/table.c b/src/table.c index 7eefc70..e4c61aa 100644 --- a/src/table.c +++ b/src/table.c @@ -84,8 +84,8 @@ static uint32_t nftnl_table_validate[NFTNL_TABLE_MAX + 1] = { [NFTNL_TABLE_FAMILY] = sizeof(uint32_t), }; -void nftnl_table_set_data(struct nftnl_table *t, uint16_t attr, - const void *data, uint32_t data_len) +int nftnl_table_set_data(struct nftnl_table *t, uint16_t attr, + const void *data, uint32_t data_len) { nftnl_assert_attr_exists(attr, NFTNL_TABLE_MAX); nftnl_assert_validate(data, nftnl_table_validate, attr, data_len); @@ -96,6 +96,8 @@ void nftnl_table_set_data(struct nftnl_table *t, uint16_t attr, xfree(t->name); t->name = strdup(data); + if (!t->name) + return -1; break; case NFTNL_TABLE_FLAGS: t->table_flags = *((uint32_t *)data); @@ -108,6 +110,7 @@ void nftnl_table_set_data(struct nftnl_table *t, uint16_t attr, break; } t->flags |= (1 << attr); + return 0; } EXPORT_SYMBOL_ALIAS(nftnl_table_set_data, nft_table_attr_set_data); @@ -129,9 +132,9 @@ void nftnl_table_set_u8(struct nftnl_table *t, uint16_t attr, uint8_t val) } EXPORT_SYMBOL_ALIAS(nftnl_table_set_u8, nft_table_attr_set_u8); -void nftnl_table_set_str(struct nftnl_table *t, uint16_t attr, const char *str) +int nftnl_table_set_str(struct nftnl_table *t, uint16_t attr, const char *str) { - nftnl_table_set_data(t, attr, str, 0); + return nftnl_table_set_data(t, attr, str, 0); } EXPORT_SYMBOL_ALIAS(nftnl_table_set_str, nft_table_attr_set_str); -- cgit v1.2.3