diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-09-15 01:05:52 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-09-15 01:08:47 +0200 |
| commit | b85769f9397c72ab62387ccc5b7a66d0c3ff5f21 (patch) | |
| tree | b2117107cd4fafa9fe90b2bbbf35ffc7e506a019 | |
| parent | 05615f110b6398484aeb2c7ad748f7aec5fcb136 (diff) | |
src: revert hashtable for expression handlers
Partially revert 913979f882d1 ("src: add expression handler hashtable")
which is causing a crash with two instances of the nftables handler.
$ sudo python
[sudo] password for echerkashin:
Python 3.9.7 (default, Sep 3 2021, 06:18:44)
[GCC 11.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from nftables import Nftables
>>> n1=Nftables()
>>> n2=Nftables()
>>> <Ctrl-D>
double free or corruption (top)
Aborted
Reported-by: Eugene Crosser <crosser@average.org>
Suggested-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | include/netlink.h | 3 | ||||
| -rw-r--r-- | src/libnftables.c | 2 | ||||
| -rw-r--r-- | src/netlink_delinearize.c | 40 |
3 files changed, 10 insertions, 35 deletions
diff --git a/include/netlink.h b/include/netlink.h index 0c8655ca..2467ff82 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -215,9 +215,6 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type, enum nft_data_types dtype_map_to_kernel(const struct datatype *dtype); -void expr_handler_init(void); -void expr_handler_exit(void); - void netlink_linearize_init(struct netlink_linearize_ctx *lctx, struct nftnl_rule *nlr); void netlink_linearize_fini(struct netlink_linearize_ctx *lctx); diff --git a/src/libnftables.c b/src/libnftables.c index aa6493aa..fc52fbc3 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -106,13 +106,11 @@ static void nft_init(struct nft_ctx *ctx) realm_table_rt_init(ctx); devgroup_table_init(ctx); ct_label_table_init(ctx); - expr_handler_init(); } static void nft_exit(struct nft_ctx *ctx) { cache_free(&ctx->cache.table_cache); - expr_handler_exit(); ct_label_table_exit(ctx); realm_table_rt_exit(ctx); devgroup_table_exit(ctx); diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index f2207ea1..bd75ad5c 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -1750,46 +1750,26 @@ static const struct expr_handler netlink_parsers[] = { { .name = "synproxy", .parse = netlink_parse_synproxy }, }; -static const struct expr_handler **expr_handle_ht; - -#define NFT_EXPR_HSIZE 4096 - -void expr_handler_init(void) -{ - unsigned int i; - uint32_t hash; - - expr_handle_ht = xzalloc_array(NFT_EXPR_HSIZE, - sizeof(expr_handle_ht[0])); - - for (i = 0; i < array_size(netlink_parsers); i++) { - hash = djb_hash(netlink_parsers[i].name) % NFT_EXPR_HSIZE; - assert(expr_handle_ht[hash] == NULL); - expr_handle_ht[hash] = &netlink_parsers[i]; - } -} - -void expr_handler_exit(void) -{ - xfree(expr_handle_ht); -} - static int netlink_parse_expr(const struct nftnl_expr *nle, struct netlink_parse_ctx *ctx) { const char *type = nftnl_expr_get_str(nle, NFTNL_EXPR_NAME); struct location loc; - uint32_t hash; + unsigned int i; memset(&loc, 0, sizeof(loc)); loc.indesc = &indesc_netlink; loc.nle = nle; - hash = djb_hash(type) % NFT_EXPR_HSIZE; - if (expr_handle_ht[hash]) - expr_handle_ht[hash]->parse(ctx, &loc, nle); - else - netlink_error(ctx, &loc, "unknown expression type '%s'", type); + for (i = 0; i < array_size(netlink_parsers); i++) { + if (strcmp(type, netlink_parsers[i].name)) + continue; + + netlink_parsers[i].parse(ctx, &loc, nle); + + return 0; + } + netlink_error(ctx, &loc, "unknown expression type '%s'", type); return 0; } |