libpfctl: verify all parsers
List all currently defined parsers in 'all_parsers', and pass them to
SNL_VERIFY_PARSERS(). This will detect incorrect odering in parsers,
which will help us detect otherwise subtle bugs.
Sponsored by: Rubicon Communications, LLC ("Netgate")
This commit is contained in:
+40
-12
@@ -69,12 +69,15 @@ const char* PFCTL_SYNCOOKIES_MODE_NAMES[] = {
|
||||
|
||||
static int _pfctl_clear_states(int , const struct pfctl_kill *,
|
||||
unsigned int *, uint64_t);
|
||||
static void _pfctl_verify_parsers(void);
|
||||
|
||||
struct pfctl_handle *
|
||||
pfctl_open(const char *pf_device)
|
||||
{
|
||||
struct pfctl_handle *h;
|
||||
|
||||
_pfctl_verify_parsers();
|
||||
|
||||
h = calloc(1, sizeof(struct pfctl_handle));
|
||||
|
||||
h->fd = open(pf_device, O_RDWR);
|
||||
@@ -397,10 +400,6 @@ static const struct snl_attr_parser ap_getstatus[] = {
|
||||
SNL_DECLARE_PARSER(getstatus_parser, struct genlmsghdr, snl_f_p_empty, ap_getstatus);
|
||||
#undef _OUT
|
||||
|
||||
static const struct snl_hdr_parser *stat_parser[] = {
|
||||
&getstatus_parser,
|
||||
};
|
||||
|
||||
struct pfctl_status *
|
||||
pfctl_get_status_h(struct pfctl_handle *h)
|
||||
{
|
||||
@@ -411,8 +410,6 @@ pfctl_get_status_h(struct pfctl_handle *h)
|
||||
uint32_t seq_id;
|
||||
int family_id;
|
||||
|
||||
SNL_VERIFY_PARSERS(stat_parser);
|
||||
|
||||
family_id = snl_get_genl_family(&h->ss, PFNL_FAMILY_NAME);
|
||||
if (family_id == 0)
|
||||
return (NULL);
|
||||
@@ -1971,15 +1968,9 @@ static struct snl_attr_parser ap_state[] = {
|
||||
#undef _OUT
|
||||
SNL_DECLARE_PARSER(state_parser, struct genlmsghdr, snl_f_p_empty, ap_state);
|
||||
|
||||
static const struct snl_hdr_parser *all_parsers[] = {
|
||||
&state_parser, &skey_parser, &speer_parser,
|
||||
&creator_parser, &getrules_parser
|
||||
};
|
||||
|
||||
int
|
||||
pfctl_get_states_h(struct pfctl_handle *h, struct pfctl_state_filter *filter, pfctl_get_state_fn f, void *arg)
|
||||
{
|
||||
SNL_VERIFY_PARSERS(all_parsers);
|
||||
int family_id = snl_get_genl_family(&h->ss, PFNL_FAMILY_NAME);
|
||||
int ret;
|
||||
|
||||
@@ -4239,3 +4230,40 @@ pfctl_source_clear(struct pfctl_handle *h, struct pfctl_source_clear *kill)
|
||||
return (e.error);
|
||||
}
|
||||
|
||||
static const struct snl_hdr_parser *all_parsers[] = {
|
||||
&begin_addrs_parser,
|
||||
&clear_states_parser,
|
||||
&clr_addrs_parser,
|
||||
&creator_parser,
|
||||
&get_addr_parser,
|
||||
&get_addrs_parser,
|
||||
&get_limit_parser,
|
||||
&get_timeout_parser,
|
||||
&getrule_parser,
|
||||
&getrules_parser,
|
||||
&getstatus_parser,
|
||||
&nadd_parser,
|
||||
&natlook_parser,
|
||||
&ndel_parser,
|
||||
&ruleset_parser,
|
||||
&skey_parser,
|
||||
&source_parser,
|
||||
&sourcelim_parser,
|
||||
&speer_parser,
|
||||
&srcnode_parser,
|
||||
&state_parser,
|
||||
&statelim_parser,
|
||||
&table_add_addr_parser,
|
||||
&table_astats_parser,
|
||||
&table_del_addr_parser,
|
||||
&table_get_addr_parser,
|
||||
&table_set_addr_parser,
|
||||
&tstats_clr_parser,
|
||||
&tstats_parser,
|
||||
};
|
||||
|
||||
static void
|
||||
_pfctl_verify_parsers(void)
|
||||
{
|
||||
SNL_VERIFY_PARSERS(all_parsers);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user