7037828457
* Wed May 08 2024 Phil Sutter <psutter@redhat.com> [1.2.6-3.el9]
- tests: Fix objref test case (Phil Sutter) [RHEL-28515]
- expr: Respect data_len when setting attributes (Phil Sutter) [RHEL-28515]
- obj: Respect data_len when setting attributes (Phil Sutter) [RHEL-28515]
- utils: Introduce and use nftnl_set_str_attr() (Phil Sutter) [RHEL-28515]
- obj: Enforce attr_policy compliance in nftnl_obj_set_data() (Phil Sutter) [RHEL-28515]
- obj: Introduce struct obj_ops::attr_policy (Phil Sutter) [RHEL-28515]
- obj: Call obj_ops::set with legal attributes only (Phil Sutter) [RHEL-28515]
- obj: Repurpose struct obj_ops::max_attr field (Phil Sutter) [RHEL-28515]
- obj: Return value on setters (Phil Sutter) [RHEL-28515]
- object: getters take const struct (Phil Sutter) [RHEL-28515]
- utils: Fix for wrong variable use in nftnl_assert_validate() (Phil Sutter) [RHEL-28515]
- obj: synproxy: Use memcpy() to handle potentially unaligned data (Phil Sutter) [RHEL-28515]
- obj: Do not call nftnl_obj_set_data() with zero data_len (Phil Sutter) [RHEL-28515]
- table: Validate NFTNL_TABLE_OWNER, too (Phil Sutter) [RHEL-28515]
- set: Validate NFTNL_SET_ID, too (Phil Sutter) [RHEL-28515]
- obj: Validate NFTNL_OBJ_TYPE, too (Phil Sutter) [RHEL-28515]
- flowtable: Validate NFTNL_FLOWTABLE_SIZE, too (Phil Sutter) [RHEL-28515]
- table: Validate NFTNL_TABLE_USE, too (Phil Sutter) [RHEL-28515]
- chain: Validate NFTNL_CHAIN_USE, too (Phil Sutter) [RHEL-28515]
- expr: Enforce attr_policy compliance in nftnl_expr_set() (Phil Sutter) [RHEL-28515]
- expr: Introduce struct expr_ops::attr_policy (Phil Sutter) [RHEL-28515]
- include: Sync nf_log.h with kernel headers (Phil Sutter) [RHEL-28515]
- expr: Call expr_ops::set with legal types only (Phil Sutter) [RHEL-28515]
- expr: Repurpose struct expr_ops::max_attr field (Phil Sutter) [RHEL-28515]
- udata: incorrect userdata buffer size validation (Phil Sutter) [RHEL-28515]
- obj: ct_timeout: setter checks for timeout array boundaries (Phil Sutter) [RHEL-28515]
- set_elem: use nftnl_data_cpy() in NFTNL_SET_ELEM_{KEY,KEY_END,DATA} (Phil Sutter) [RHEL-28515]
- set: buffer overflow in NFTNL_SET_DESC_CONCAT setter (Phil Sutter) [RHEL-28515]
- expr: fix buffer overflows in data value setters (Phil Sutter) [RHEL-28515]
Resolves: RHEL-28515
117 lines
4.7 KiB
Diff
117 lines
4.7 KiB
Diff
From 85918467438e340b81386b9cc709ba6e88ff860b Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <psutter@redhat.com>
|
|
Date: Wed, 8 May 2024 22:39:40 +0200
|
|
Subject: [PATCH] object: getters take const struct
|
|
|
|
JIRA: https://issues.redhat.com/browse/RHEL-28515
|
|
Upstream Status: libnftnl commit ff117f50d2f99c03a65b4952b1a6988a8adc700f
|
|
|
|
commit ff117f50d2f99c03a65b4952b1a6988a8adc700f
|
|
Author: corubba <corubba@gmx.de>
|
|
Date: Sat Dec 9 23:03:01 2023 +0100
|
|
|
|
object: getters take const struct
|
|
|
|
As with all the other entities (like table or set), the getter functions
|
|
for objects now take a `const struct nftnl_obj*` as first parameter.
|
|
The getters for all specific object types (like counter or limit), which
|
|
are called in the default switch-case, already do.
|
|
|
|
Signed-off-by: corubba <corubba@gmx.de>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
---
|
|
include/libnftnl/object.h | 14 +++++++-------
|
|
src/object.c | 14 +++++++-------
|
|
2 files changed, 14 insertions(+), 14 deletions(-)
|
|
|
|
diff --git a/include/libnftnl/object.h b/include/libnftnl/object.h
|
|
index 9bd83a5..4b2d90f 100644
|
|
--- a/include/libnftnl/object.h
|
|
+++ b/include/libnftnl/object.h
|
|
@@ -131,14 +131,14 @@ void nftnl_obj_set_u16(struct nftnl_obj *ne, uint16_t attr, uint16_t val);
|
|
void nftnl_obj_set_u32(struct nftnl_obj *ne, uint16_t attr, uint32_t val);
|
|
void nftnl_obj_set_u64(struct nftnl_obj *obj, uint16_t attr, uint64_t val);
|
|
void nftnl_obj_set_str(struct nftnl_obj *ne, uint16_t attr, const char *str);
|
|
-const void *nftnl_obj_get_data(struct nftnl_obj *ne, uint16_t attr,
|
|
+const void *nftnl_obj_get_data(const struct nftnl_obj *ne, uint16_t attr,
|
|
uint32_t *data_len);
|
|
-const void *nftnl_obj_get(struct nftnl_obj *ne, uint16_t attr);
|
|
-uint8_t nftnl_obj_get_u8(struct nftnl_obj *ne, uint16_t attr);
|
|
-uint16_t nftnl_obj_get_u16(struct nftnl_obj *obj, uint16_t attr);
|
|
-uint32_t nftnl_obj_get_u32(struct nftnl_obj *ne, uint16_t attr);
|
|
-uint64_t nftnl_obj_get_u64(struct nftnl_obj *obj, uint16_t attr);
|
|
-const char *nftnl_obj_get_str(struct nftnl_obj *ne, uint16_t attr);
|
|
+const void *nftnl_obj_get(const struct nftnl_obj *ne, uint16_t attr);
|
|
+uint8_t nftnl_obj_get_u8(const struct nftnl_obj *ne, uint16_t attr);
|
|
+uint16_t nftnl_obj_get_u16(const struct nftnl_obj *obj, uint16_t attr);
|
|
+uint32_t nftnl_obj_get_u32(const struct nftnl_obj *ne, uint16_t attr);
|
|
+uint64_t nftnl_obj_get_u64(const struct nftnl_obj *obj, uint16_t attr);
|
|
+const char *nftnl_obj_get_str(const struct nftnl_obj *ne, uint16_t attr);
|
|
|
|
void nftnl_obj_nlmsg_build_payload(struct nlmsghdr *nlh,
|
|
const struct nftnl_obj *ne);
|
|
diff --git a/src/object.c b/src/object.c
|
|
index e94236e..a1a00d8 100644
|
|
--- a/src/object.c
|
|
+++ b/src/object.c
|
|
@@ -161,7 +161,7 @@ void nftnl_obj_set_str(struct nftnl_obj *obj, uint16_t attr, const char *str)
|
|
}
|
|
|
|
EXPORT_SYMBOL(nftnl_obj_get_data);
|
|
-const void *nftnl_obj_get_data(struct nftnl_obj *obj, uint16_t attr,
|
|
+const void *nftnl_obj_get_data(const struct nftnl_obj *obj, uint16_t attr,
|
|
uint32_t *data_len)
|
|
{
|
|
if (!(obj->flags & (1 << attr)))
|
|
@@ -199,42 +199,42 @@ const void *nftnl_obj_get_data(struct nftnl_obj *obj, uint16_t attr,
|
|
}
|
|
|
|
EXPORT_SYMBOL(nftnl_obj_get);
|
|
-const void *nftnl_obj_get(struct nftnl_obj *obj, uint16_t attr)
|
|
+const void *nftnl_obj_get(const struct nftnl_obj *obj, uint16_t attr)
|
|
{
|
|
uint32_t data_len;
|
|
return nftnl_obj_get_data(obj, attr, &data_len);
|
|
}
|
|
|
|
EXPORT_SYMBOL(nftnl_obj_get_u8);
|
|
-uint8_t nftnl_obj_get_u8(struct nftnl_obj *obj, uint16_t attr)
|
|
+uint8_t nftnl_obj_get_u8(const struct nftnl_obj *obj, uint16_t attr)
|
|
{
|
|
const void *ret = nftnl_obj_get(obj, attr);
|
|
return ret == NULL ? 0 : *((uint8_t *)ret);
|
|
}
|
|
|
|
EXPORT_SYMBOL(nftnl_obj_get_u16);
|
|
-uint16_t nftnl_obj_get_u16(struct nftnl_obj *obj, uint16_t attr)
|
|
+uint16_t nftnl_obj_get_u16(const struct nftnl_obj *obj, uint16_t attr)
|
|
{
|
|
const void *ret = nftnl_obj_get(obj, attr);
|
|
return ret == NULL ? 0 : *((uint16_t *)ret);
|
|
}
|
|
|
|
EXPORT_SYMBOL(nftnl_obj_get_u32);
|
|
-uint32_t nftnl_obj_get_u32(struct nftnl_obj *obj, uint16_t attr)
|
|
+uint32_t nftnl_obj_get_u32(const struct nftnl_obj *obj, uint16_t attr)
|
|
{
|
|
const void *ret = nftnl_obj_get(obj, attr);
|
|
return ret == NULL ? 0 : *((uint32_t *)ret);
|
|
}
|
|
|
|
EXPORT_SYMBOL(nftnl_obj_get_u64);
|
|
-uint64_t nftnl_obj_get_u64(struct nftnl_obj *obj, uint16_t attr)
|
|
+uint64_t nftnl_obj_get_u64(const struct nftnl_obj *obj, uint16_t attr)
|
|
{
|
|
const void *ret = nftnl_obj_get(obj, attr);
|
|
return ret == NULL ? 0 : *((uint64_t *)ret);
|
|
}
|
|
|
|
EXPORT_SYMBOL(nftnl_obj_get_str);
|
|
-const char *nftnl_obj_get_str(struct nftnl_obj *obj, uint16_t attr)
|
|
+const char *nftnl_obj_get_str(const struct nftnl_obj *obj, uint16_t attr)
|
|
{
|
|
return nftnl_obj_get(obj, attr);
|
|
}
|