src: error reporting with -f and read from stdin

Reading from stdin requires to store the ruleset in a buffer so error reporting works accordingly, eg. # cat ruleset.nft | nft -f - /dev/stdin:3:13-13: Error: unknown identifier 'x' ip saddr $x ^ The error reporting infrastructure performs a fseek() on the file descriptor which does not work in this case since the data from the descriptor has been already consumed. This patch adds a new stdin input descriptor to perform this special handling which consists on re-routing this request through the buffer functions. Fixes: 935f82e7dd49 ("Support 'nft -f -' to read from stdin") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2022-01-02 21:39:42 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2022-01-15 18:11:22 +0100
commit: 5c2b2b0a2ba7c1403c6af3e59dd3f51d04a64645 (patch)
tree: bd49b55be7618b302307e808fc7c23e2acb59760 /include/nftables.h
parent: 8ad4056e9182a03cf160b045532f0569d6b79c22 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/include/nftables.h b/include/nftables.h
index 7b633905..d6d9b9cc 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -128,6 +128,7 @@ struct nft_ctx {
 	struct scope		*top_scope;
 	void			*json_root;
 	json_t			*json_echo;
+	const char		*stdin_buf;
 };
 
 enum nftables_exit_codes {
@@ -175,6 +176,7 @@ enum input_descriptor_types {
 	INDESC_FILE,
 	INDESC_CLI,
 	INDESC_NETLINK,
+	INDESC_STDIN,
 };
 
 /**
author	Pablo Neira Ayuso <pablo@netfilter.org>	2022-01-02 21:39:42 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2022-01-15 18:11:22 +0100
commit	5c2b2b0a2ba7c1403c6af3e59dd3f51d04a64645 (patch)
tree	bd49b55be7618b302307e808fc7c23e2acb59760 /include/nftables.h
parent	8ad4056e9182a03cf160b045532f0569d6b79c22 (diff)