[netfilter-cvslog] r6862 - in trunk/libnetfilter_conntrack: include src/conntrack

pablo at netfilter.org pablo at netfilter.org
Thu Jun 7 17:37:44 CEST 2007 

Author: pablo at netfilter.org
Date: 2007-06-07 17:37:44 +0200 (Thu, 07 Jun 2007)
New Revision: 6862

Modified:
   trunk/libnetfilter_conntrack/include/internal.h
   trunk/libnetfilter_conntrack/src/conntrack/api.c
   trunk/libnetfilter_conntrack/src/conntrack/snprintf.c
   trunk/libnetfilter_conntrack/src/conntrack/snprintf_default.c
   trunk/libnetfilter_conntrack/src/conntrack/snprintf_xml.c
Log:
fix nfct_snprintf behaviour if the buffer passed is too small (similar to C99 convention)


Modified: trunk/libnetfilter_conntrack/include/internal.h
===================================================================
--- trunk/libnetfilter_conntrack/include/internal.h	2007-06-04 17:30:24 UTC (rev 6861)
+++ trunk/libnetfilter_conntrack/include/internal.h	2007-06-07 15:37:44 UTC (rev 6862)
@@ -158,6 +158,12 @@
 	return ((1UL << (nr & 31)) & (addr[nr >> 5])) != 0;
 }
 
+#define BUFFER_SIZE(ret, size, len)			\
+	if (ret > len)					\
+		ret = len;				\
+	size += ret;					\
+	len -= ret;
+
 int __build_conntrack(struct nfnl_subsys_handle *ssh, struct nfnlhdr *req, size_t size, u_int16_t type, u_int16_t flags, const struct nf_conntrack *ct);
 void __build_tuple(struct nfnlhdr *req, size_t size, const struct __nfct_tuple *t, const int type);
 int __parse_message_type(const struct nlmsghdr *nlh);

Modified: trunk/libnetfilter_conntrack/src/conntrack/api.c
===================================================================
--- trunk/libnetfilter_conntrack/src/conntrack/api.c	2007-06-04 17:30:24 UTC (rev 6861)
+++ trunk/libnetfilter_conntrack/src/conntrack/api.c	2007-06-07 15:37:44 UTC (rev 6862)
@@ -605,8 +605,9 @@
  * 	- NFCT_O_LAYER: include layer 3 information in the output, this is
  * 			*only* required by NFCT_O_DEFAULT.
  *
- * On error, -1 is returned and errno is set appropiately. Otherwise,
- * 0 is returned.
+ * This function returns the size of the information that _would_ have been 
+ * written to the buffer, even if there was no room for it. Thus, the
+ * behaviour is similar to snprintf.
  */
 int nfct_snprintf(char *buf,
 		  unsigned int size,

Modified: trunk/libnetfilter_conntrack/src/conntrack/snprintf.c
===================================================================
--- trunk/libnetfilter_conntrack/src/conntrack/snprintf.c	2007-06-04 17:30:24 UTC (rev 6861)
+++ trunk/libnetfilter_conntrack/src/conntrack/snprintf.c	2007-06-07 15:37:44 UTC (rev 6862)
@@ -29,8 +29,7 @@
 	}
 
 	/* NULL terminated string */
-	if (snprintf(buf+size, len-size, "\0") == -1)
-		return -1;
+	buf[size+1 > len ? len-1 : size] = '\0';
 
 	return size;
 }

Modified: trunk/libnetfilter_conntrack/src/conntrack/snprintf_default.c
===================================================================
--- trunk/libnetfilter_conntrack/src/conntrack/snprintf_default.c	2007-06-04 17:30:24 UTC (rev 6861)
+++ trunk/libnetfilter_conntrack/src/conntrack/snprintf_default.c	2007-06-07 15:37:44 UTC (rev 6862)
@@ -70,19 +70,15 @@
 			    unsigned int len,
 			    const struct __nfct_tuple *tuple)
 {
-	int ret, size;
+	int ret, size = 0;
 	struct in_addr src = { .s_addr = tuple->src.v4 };
 	struct in_addr dst = { .s_addr = tuple->dst.v4 };
 
 	ret = snprintf(buf, len, "src=%s ", inet_ntoa(src));
-	if (ret == -1)
-		return -1;
-	size = ret;
+	BUFFER_SIZE(ret, size, len);
 
-	ret = snprintf(buf+size, len-size, "dst=%s ", inet_ntoa(dst));
-	if (ret == -1)
-		return -1;
-	size += ret;
+	ret = snprintf(buf+size, len, "dst=%s ", inet_ntoa(dst));
+	BUFFER_SIZE(ret, size, len);
 
 	return size;
 }
@@ -91,7 +87,7 @@
 			    unsigned int len,
 			    const struct __nfct_tuple *tuple)
 {
-	int size;
+	int ret, size = 0;
 	struct in6_addr src;
 	struct in6_addr dst;
 	char tmp[INET6_ADDRSTRLEN];
@@ -102,12 +98,14 @@
 	if (!inet_ntop(AF_INET6, &src, tmp, sizeof(tmp)))
 		return -1;
 
-	size = snprintf(buf, len, "src=%s ", tmp); 
+	ret = snprintf(buf, len, "src=%s ", tmp);
+	BUFFER_SIZE(ret, size, len);
 
 	if (!inet_ntop(AF_INET6, &dst, tmp, sizeof(tmp)))
 		return -1;
 
-	size += snprintf(buf+size, len-size, "dst=%s ", tmp);
+	ret = snprintf(buf+size, len-size, "dst=%s ", tmp);
+	BUFFER_SIZE(ret, size, len);
 
 	return size;
 }
@@ -228,113 +226,68 @@
 			break;
 	}
 
-	if (ret == -1)
-		return -1;
-	size += ret;
-	remain -= ret;
+	BUFFER_SIZE(ret, size, remain);
 
 	if (flags & NFCT_OF_SHOW_LAYER3) {
 		ret = __snprintf_l3protocol(buf+size, remain, ct);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	ret = __snprintf_protocol(buf+size, remain, ct);
-	if (ret == -1)
-		return -1;
-	size += ret;
-	remain -= ret;
+	BUFFER_SIZE(ret, size, remain);
 
 	if (test_bit(ATTR_TIMEOUT, ct->set)) {
 		ret = __snprintf_timeout(buf+size, remain, ct);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
         if (test_bit(ATTR_TCP_STATE, ct->set)) {
 		ret = __snprintf_protoinfo(buf+size, remain, ct);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	ret = __snprintf_address(buf+size, remain, &ct->tuple[__DIR_ORIG]);
-	if (ret == -1)
-		return -1;
-	size += ret;
-	remain -= ret;
+	BUFFER_SIZE(ret, size, remain);
 
 	ret = __snprintf_proto(buf+size, remain, &ct->tuple[__DIR_ORIG]);
-	if (ret == -1)
-		return -1;
-	size += ret;
-	remain -= ret;
+	BUFFER_SIZE(ret, size, remain);
 
 	if (test_bit(ATTR_ORIG_COUNTER_PACKETS, ct->set) &&
 	    test_bit(ATTR_ORIG_COUNTER_BYTES, ct->set)) {
 		ret = __snprintf_counters(buf+size, remain, ct, __DIR_ORIG);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	if (test_bit(ATTR_STATUS, ct->set)) {
 		ret = __snprintf_status_not_seen_reply(buf+size, remain, ct);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	ret = __snprintf_address(buf+size, remain, &ct->tuple[__DIR_REPL]);
-	if (ret == -1)
-		return -1;
-	size += ret;
-	remain -= ret;
+	BUFFER_SIZE(ret, size, remain);
 
 	ret = __snprintf_proto(buf+size, remain, &ct->tuple[__DIR_REPL]);
-	if (ret == -1)
-		return -1;
-	size += ret;
-	remain -= ret;
+	BUFFER_SIZE(ret, size, remain);
 
 	if (test_bit(ATTR_REPL_COUNTER_PACKETS, ct->set) &&
 	    test_bit(ATTR_REPL_COUNTER_BYTES, ct->set)) {
 		ret = __snprintf_counters(buf+size, remain, ct, __DIR_REPL);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	if (test_bit(ATTR_STATUS, ct->set)) {
 		ret = __snprintf_status_assured(buf+size, remain, ct);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	if (test_bit(ATTR_MARK, ct->set)) {
 		ret = __snprintf_mark(buf+size, remain, ct);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	if (test_bit(ATTR_USE, ct->set)) {
 		ret = __snprintf_use(buf+size, remain, ct);
-		if (ret == -1)
-			return -1;
-		size += ret;
-		remain -= ret;
+		BUFFER_SIZE(ret, size, remain);
 	}
 
 	/* Delete the last blank space */

Modified: trunk/libnetfilter_conntrack/src/conntrack/snprintf_xml.c
===================================================================
--- trunk/libnetfilter_conntrack/src/conntrack/snprintf_xml.c	2007-06-04 17:30:24 UTC (rev 6861)
+++ trunk/libnetfilter_conntrack/src/conntrack/snprintf_xml.c	2007-06-07 15:37:44 UTC (rev 6862)
@@ -67,12 +67,6 @@
 	__ADDR_DST,
 };
 
-static void buffer_size(int ret, unsigned int *size, unsigned int *len)
-{
-	*size += ret;
-	*len -= ret;
-}
-
 static char *__proto2str(u_int8_t protonum)
 {
 	return proto2str[protonum] ? proto2str[protonum] : "unknown";
@@ -123,45 +117,33 @@
 	switch(type) {
 	case __ADDR_SRC:
 		ret = snprintf(buf, len, "<src>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 		break;
 	case __ADDR_DST:
 		ret = snprintf(buf+size, len, "<dst>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 		break;
 	}
 
 	switch (tuple->l3protonum) {
 	case AF_INET:
 		ret = __snprintf_ipv4_xml(buf+size, len, tuple, type);
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 		break;
 	case AF_INET6:
 		ret = __snprintf_ipv6_xml(buf+size, len, tuple, type);
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 		break;
 	}
 
 	switch(type) {
 	case __ADDR_SRC:
 		ret = snprintf(buf+size, len, "</src>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 		break;
 	case __ADDR_DST:
 		ret = snprintf(buf+size, len, "</dst>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 		break;
 	}
 
@@ -183,15 +165,11 @@
 		if (type == __ADDR_SRC) {
 			ret = snprintf(buf, len, "<sport>%u</sport>", 
 				       ntohs(tuple->l4src.tcp.port));
-			if (ret == -1)
-				return -1;
-			buffer_size(ret, &size, &len);
+			BUFFER_SIZE(ret, size, len);
 		} else {
 			ret = snprintf(buf, len, "<dport>%u</dport>",
 				       ntohs(tuple->l4dst.tcp.port));
-			if (ret == -1)
-				return -1;
-			buffer_size(ret, &size, &len);
+			BUFFER_SIZE(ret, size, len);
 		}
 		break;
 	}
@@ -209,15 +187,11 @@
 
 	ret = snprintf(buf, len, "<packets>%llu</packets>",
 		       ct->counters[type].packets);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = snprintf(buf+size, len, "<bytes>%llu</bytes>",
 		       ct->counters[type].bytes);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	return size;
 }
@@ -233,76 +207,50 @@
 
 	ret = snprintf(buf, len, "<meta direction=\"%s\">",
 		       dir == __DIR_ORIG ? "original" : "reply");
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = snprintf(buf+size, len, 
 		       "<layer3 protonum=\"%d\" protoname=\"%s\">",
 		       tuple->l3protonum, __l3proto2str(tuple->l3protonum));
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = __snprintf_addr_xml(buf+size, len, tuple, __DIR_ORIG);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = __snprintf_addr_xml(buf+size, len, tuple, __DIR_REPL);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = snprintf(buf+size, len, "</layer3>");
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = snprintf(buf+size, len, 
 		       "<layer4 protonum=\"%d\" protoname=\"%s\">",
 		       tuple->protonum, __proto2str(tuple->protonum));
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = __snprintf_proto_xml(buf+size, len, tuple, __DIR_ORIG);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = __snprintf_proto_xml(buf+size, len, tuple, __DIR_REPL);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = snprintf(buf+size, len, "</layer4>");
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	if (test_bit(ATTR_ORIG_COUNTER_PACKETS, ct->set) &&
 	    test_bit(ATTR_ORIG_COUNTER_BYTES, ct->set)) {
 		ret = snprintf(buf+size, len, "<counters>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 
 		ret = __snprintf_counters_xml(buf+size, len, ct, dir);
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 
 		ret = snprintf(buf+size, len, "</counters>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	ret = snprintf(buf+size, len, "</meta>");
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	return size;
 }
@@ -331,19 +279,13 @@
 			break;
 	}
 
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = __snprintf_tuple_xml(buf+size, len, ct, __DIR_ORIG);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	ret = __snprintf_tuple_xml(buf+size, len, ct, __DIR_REPL);
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	if (test_bit(ATTR_TIMEOUT, ct->set) ||
 	    test_bit(ATTR_MARK, ct->set) ||
@@ -351,47 +293,35 @@
 	    test_bit(ATTR_STATUS, ct->set)) {
 		ret = snprintf(buf+size, len, 
 			       "<meta direction=\"independent\">");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	if (test_bit(ATTR_TIMEOUT, ct->set)) {
 		ret = snprintf(buf+size, len,
 				"<timeout>%u</timeout>", ct->timeout);
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	if (test_bit(ATTR_MARK, ct->set)) {
 		ret = snprintf(buf+size, len, "<mark>%u</mark>", ct->mark);
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	if (test_bit(ATTR_USE, ct->set)) {
 		ret = snprintf(buf+size, len, "<use>%u</use>", ct->use);
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	if (test_bit(ATTR_STATUS, ct->set)
 	    && ct->status & IPS_ASSURED) {
 		ret = snprintf(buf+size, len, "<assured/>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	if (test_bit(ATTR_STATUS, ct->set) 
 	    && !(ct->status & IPS_SEEN_REPLY)) {
 		ret = snprintf(buf+size, len, "<unreplied/>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	if (test_bit(ATTR_TIMEOUT, ct->set) ||
@@ -399,15 +329,11 @@
 	    test_bit(ATTR_USE, ct->set) ||
 	    test_bit(ATTR_STATUS, ct->set)) {
 	    	ret = snprintf(buf+size, len, "</meta>");
-		if (ret == -1)
-			return -1;
-		buffer_size(ret, &size, &len);
+		BUFFER_SIZE(ret, size, len);
 	}
 
 	ret = snprintf(buf+size, len, "</flow>");
-	if (ret == -1)
-		return -1;
-	buffer_size(ret, &size, &len);
+	BUFFER_SIZE(ret, size, len);
 
 	return size;
 }

More information about the netfilter-cvslog mailing list