summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2019-10-28 18:08:55 +0100
committerPhil Sutter <phil@nwl.cc>2019-10-30 15:19:57 +0100
commit909e297ed430c3d7be0ad06bb002913e766115f1 (patch)
treec77be0f00276952d682947af88d91df91a37da89
parent1698fca7d49fff4b7c8752cc4f3f18cfe73a6aaf (diff)
mnl: Replace use of untyped nftnl data setters
Setting strings won't make a difference, but passing data length to *_set_data() functions allows for catching accidental changes on either side. Signed-off-by: Phil Sutter <phil@nwl.cc> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--src/mnl.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/mnl.c b/src/mnl.c
index 960c5574..933e18d9 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -573,7 +573,8 @@ int mnl_nft_chain_add(struct netlink_ctx *ctx, const struct cmd *cmd,
if (i == 1)
nftnl_chain_set_str(nlc, NFTNL_CHAIN_DEV, dev_array[0]);
else if (i > 1)
- nftnl_chain_set(nlc, NFTNL_CHAIN_DEVICES, dev_array);
+ nftnl_chain_set_data(nlc, NFTNL_CHAIN_DEVICES, dev_array,
+ sizeof(char *) * dev_array_len);
xfree(dev_array);
}
@@ -714,7 +715,7 @@ int mnl_nft_table_add(struct netlink_ctx *ctx, const struct cmd *cmd,
memory_allocation_error();
nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, cmd->handle.family);
- nftnl_table_set(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name);
+ nftnl_table_set_str(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name);
if (cmd->table)
nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, cmd->table->flags);
else
@@ -743,7 +744,8 @@ int mnl_nft_table_del(struct netlink_ctx *ctx, const struct cmd *cmd)
nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, cmd->handle.family);
if (cmd->handle.table.name)
- nftnl_table_set(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name);
+ nftnl_table_set_str(nlt, NFTNL_TABLE_NAME,
+ cmd->handle.table.name);
else if (cmd->handle.handle.id)
nftnl_table_set_u64(nlt, NFTNL_TABLE_HANDLE,
cmd->handle.handle.id);
@@ -1035,8 +1037,9 @@ int mnl_nft_obj_add(struct netlink_ctx *ctx, const struct cmd *cmd,
if (obj->ct_timeout.l3proto)
nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_TIMEOUT_L3PROTO,
obj->ct_timeout.l3proto);
- nftnl_obj_set(nlo, NFTNL_OBJ_CT_TIMEOUT_ARRAY,
- obj->ct_timeout.timeout);
+ nftnl_obj_set_data(nlo, NFTNL_OBJ_CT_TIMEOUT_ARRAY,
+ obj->ct_timeout.timeout,
+ sizeof(obj->ct_timeout.timeout));
break;
case NFT_OBJECT_CT_EXPECT:
if (obj->ct_expect.l3proto)
@@ -1441,7 +1444,8 @@ int mnl_nft_flowtable_add(struct netlink_ctx *ctx, const struct cmd *cmd,
dev_array[i++] = expr->identifier;
dev_array[i] = NULL;
- nftnl_flowtable_set(flo, NFTNL_FLOWTABLE_DEVICES, dev_array);
+ nftnl_flowtable_set_data(flo, NFTNL_FLOWTABLE_DEVICES,
+ dev_array, sizeof(char *) * len);
free(dev_array);
netlink_dump_flowtable(flo, ctx);