libpfctl: verify all parsers

List all currently defined parsers in 'all_parsers', and pass them to
SNL_VERIFY_PARSERS(). This will detect incorrect odering in parsers,
which will help us detect otherwise subtle bugs.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
This commit is contained in:
Kristof Provost
2026-02-12 10:39:05 +01:00
parent 363b57d579
commit 1e7665e368
+40 -12
View File
@@ -69,12 +69,15 @@ const char* PFCTL_SYNCOOKIES_MODE_NAMES[] = {
static int _pfctl_clear_states(int , const struct pfctl_kill *,
unsigned int *, uint64_t);
static void _pfctl_verify_parsers(void);
struct pfctl_handle *
pfctl_open(const char *pf_device)
{
struct pfctl_handle *h;
_pfctl_verify_parsers();
h = calloc(1, sizeof(struct pfctl_handle));
h->fd = open(pf_device, O_RDWR);
@@ -397,10 +400,6 @@ static const struct snl_attr_parser ap_getstatus[] = {
SNL_DECLARE_PARSER(getstatus_parser, struct genlmsghdr, snl_f_p_empty, ap_getstatus);
#undef _OUT
static const struct snl_hdr_parser *stat_parser[] = {
&getstatus_parser,
};
struct pfctl_status *
pfctl_get_status_h(struct pfctl_handle *h)
{
@@ -411,8 +410,6 @@ pfctl_get_status_h(struct pfctl_handle *h)
uint32_t seq_id;
int family_id;
SNL_VERIFY_PARSERS(stat_parser);
family_id = snl_get_genl_family(&h->ss, PFNL_FAMILY_NAME);
if (family_id == 0)
return (NULL);
@@ -1971,15 +1968,9 @@ static struct snl_attr_parser ap_state[] = {
#undef _OUT
SNL_DECLARE_PARSER(state_parser, struct genlmsghdr, snl_f_p_empty, ap_state);
static const struct snl_hdr_parser *all_parsers[] = {
&state_parser, &skey_parser, &speer_parser,
&creator_parser, &getrules_parser
};
int
pfctl_get_states_h(struct pfctl_handle *h, struct pfctl_state_filter *filter, pfctl_get_state_fn f, void *arg)
{
SNL_VERIFY_PARSERS(all_parsers);
int family_id = snl_get_genl_family(&h->ss, PFNL_FAMILY_NAME);
int ret;
@@ -4239,3 +4230,40 @@ pfctl_source_clear(struct pfctl_handle *h, struct pfctl_source_clear *kill)
return (e.error);
}
static const struct snl_hdr_parser *all_parsers[] = {
&begin_addrs_parser,
&clear_states_parser,
&clr_addrs_parser,
&creator_parser,
&get_addr_parser,
&get_addrs_parser,
&get_limit_parser,
&get_timeout_parser,
&getrule_parser,
&getrules_parser,
&getstatus_parser,
&nadd_parser,
&natlook_parser,
&ndel_parser,
&ruleset_parser,
&skey_parser,
&source_parser,
&sourcelim_parser,
&speer_parser,
&srcnode_parser,
&state_parser,
&statelim_parser,
&table_add_addr_parser,
&table_astats_parser,
&table_del_addr_parser,
&table_get_addr_parser,
&table_set_addr_parser,
&tstats_clr_parser,
&tstats_parser,
};
static void
_pfctl_verify_parsers(void)
{
SNL_VERIFY_PARSERS(all_parsers);
}