laurenceman / rpms / iptables

Forked from rpms/iptables 5 years ago
Clone

Blame SOURCES/iptables-1.4.21-remove_duplicated_argument_parsing.patch

9c64ad
Adapted version of
9c64ad
9c64ad
commit 6e2e169eb66b63d2991e1c7ada931e3cdb0ced32
9c64ad
Author: Lorenzo Colitti <lorenzo@google.com>
9c64ad
Date:   Thu Mar 16 16:55:01 2017 +0900
9c64ad
9c64ad
    iptables: remove duplicated argument parsing code
9c64ad
    
9c64ad
    1. Factor out repeated code to a new xs_has_arg function.
9c64ad
    2. Add a new parse_wait_time option to parse the value of -w.
9c64ad
    3. Make parse_wait_interval take argc and argv so its callers
9c64ad
       can be simpler.
9c64ad
    
9c64ad
    Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
9c64ad
    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9c64ad
9c64ad
diff -up iptables-1.4.21/iptables/ip6tables.c.remove_duplicated_argument_parsing iptables-1.4.21/iptables/ip6tables.c
9c64ad
--- iptables-1.4.21/iptables/ip6tables.c.remove_duplicated_argument_parsing	2017-04-05 14:51:44.033970476 +0200
9c64ad
+++ iptables-1.4.21/iptables/ip6tables.c	2017-04-05 14:51:44.044970566 +0200
9c64ad
@@ -1388,8 +1388,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_DELETE, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!') {
9c64ad
+			if (xs_has_arg(argc, argv)) {
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 				command = CMD_DELETE_NUM;
9c64ad
 			}
9c64ad
@@ -1399,8 +1398,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_REPLACE, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			else
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
@@ -1412,8 +1410,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_INSERT, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			else rulenum = 1;
9c64ad
 			break;
9c64ad
@@ -1422,11 +1419,9 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_LIST,
9c64ad
 				    CMD_ZERO | CMD_ZERO_NUM, cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1434,11 +1429,9 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_LIST_RULES,
9c64ad
 				    CMD_ZERO | CMD_ZERO_NUM, cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1446,8 +1439,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_FLUSH, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1455,11 +1447,9 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_ZERO, CMD_LIST|CMD_LIST_RULES,
9c64ad
 				    cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				&& argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-				&& argv[optind][0] != '!') {
9c64ad
+			if (xs_has_arg(argc, argv)) {
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 				command = CMD_ZERO_NUM;
9c64ad
 			}
9c64ad
@@ -1476,8 +1466,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_DELETE_CHAIN, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1485,8 +1474,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_RENAME_CHAIN, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				newname = argv[optind++];
9c64ad
 			else
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
@@ -1499,8 +1487,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_SET_POLICY, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				policy = argv[optind++];
9c64ad
 			else
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
@@ -1610,16 +1597,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 					      "You cannot use `-w' from "
9c64ad
 					      "ip6tables-restore");
9c64ad
 			}
9c64ad
-			wait = -1;
9c64ad
-			if (optarg) {
9c64ad
-				if (sscanf(optarg, "%i", &wait) != 1)
9c64ad
-					xtables_error(PARAMETER_PROBLEM,
9c64ad
-						"wait seconds not numeric");
9c64ad
-			} else if (optind < argc && argv[optind][0] != '-'
9c64ad
-						 && argv[optind][0] != '!')
9c64ad
-				if (sscanf(argv[optind++], "%i", &wait) != 1)
9c64ad
-					xtables_error(PARAMETER_PROBLEM,
9c64ad
-						"wait seconds not numeric");
9c64ad
+			wait = parse_wait_time(argc, argv);
9c64ad
 			break;
9c64ad
 
9c64ad
 		case 'W':
9c64ad
@@ -1628,14 +1606,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 					      "You cannot use `-W' from "
9c64ad
 					      "ip6tables-restore");
9c64ad
 			}
9c64ad
-			if (optarg)
9c64ad
-				parse_wait_interval(optarg, &wait_interval);
9c64ad
-			else if (optind < argc &&
9c64ad
-				argv[optind][0] != '-' &&
9c64ad
-				argv[optind][0] != '!')
9c64ad
-				parse_wait_interval(argv[optind++],
9c64ad
-						    &wait_interval);
9c64ad
-
9c64ad
+			parse_wait_interval(argc, argv, &wait_interval);
9c64ad
 			wait_interval_set = true;
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1685,8 +1656,7 @@ int do_command6(int argc, char *argv[],
9c64ad
 			bcnt = strchr(pcnt + 1, ',');
9c64ad
 			if (bcnt)
9c64ad
 			    bcnt++;
9c64ad
-			if (!bcnt && optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (!bcnt && xs_has_arg(argc, argv))
9c64ad
 				bcnt = argv[optind++];
9c64ad
 			if (!bcnt)
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
diff -up iptables-1.4.21/iptables/iptables.c.remove_duplicated_argument_parsing iptables-1.4.21/iptables/iptables.c
9c64ad
--- iptables-1.4.21/iptables/iptables.c.remove_duplicated_argument_parsing	2017-04-05 14:51:44.034970484 +0200
9c64ad
+++ iptables-1.4.21/iptables/iptables.c	2017-04-05 14:51:44.044970566 +0200
9c64ad
@@ -1381,8 +1381,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_DELETE, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!') {
9c64ad
+			if (xs_has_arg(argc, argv)) {
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 				command = CMD_DELETE_NUM;
9c64ad
 			}
9c64ad
@@ -1392,8 +1391,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_REPLACE, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			else
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
@@ -1405,8 +1403,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_INSERT, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			else rulenum = 1;
9c64ad
 			break;
9c64ad
@@ -1415,11 +1412,9 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_LIST,
9c64ad
 				    CMD_ZERO | CMD_ZERO_NUM, cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1427,11 +1422,9 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_LIST_RULES,
9c64ad
 				    CMD_ZERO|CMD_ZERO_NUM, cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1439,8 +1432,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_FLUSH, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1448,11 +1440,9 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_ZERO, CMD_LIST|CMD_LIST_RULES,
9c64ad
 				    cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				&& argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-				&& argv[optind][0] != '!') {
9c64ad
+			if (xs_has_arg(argc, argv)) {
9c64ad
 				rulenum = parse_rulenumber(argv[optind++]);
9c64ad
 				command = CMD_ZERO_NUM;
9c64ad
 			}
9c64ad
@@ -1469,8 +1459,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_DELETE_CHAIN, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			if (optarg) chain = optarg;
9c64ad
-			else if (optind < argc && argv[optind][0] != '-'
9c64ad
-				 && argv[optind][0] != '!')
9c64ad
+			else if (xs_has_arg(argc, argv))
9c64ad
 				chain = argv[optind++];
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1478,8 +1467,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_RENAME_CHAIN, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				newname = argv[optind++];
9c64ad
 			else
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
@@ -1492,8 +1480,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			add_command(&command, CMD_SET_POLICY, CMD_NONE,
9c64ad
 				    cs.invert);
9c64ad
 			chain = optarg;
9c64ad
-			if (optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (xs_has_arg(argc, argv))
9c64ad
 				policy = argv[optind++];
9c64ad
 			else
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
@@ -1601,16 +1588,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 					      "You cannot use `-w' from "
9c64ad
 					      "iptables-restore");
9c64ad
 			}
9c64ad
-			wait = -1;
9c64ad
-			if (optarg) {
9c64ad
-				if (sscanf(optarg, "%i", &wait) != 1)
9c64ad
-					xtables_error(PARAMETER_PROBLEM,
9c64ad
-						"wait seconds not numeric");
9c64ad
-			} else if (optind < argc && argv[optind][0] != '-'
9c64ad
-						 && argv[optind][0] != '!')
9c64ad
-				if (sscanf(argv[optind++], "%i", &wait) != 1)
9c64ad
-					xtables_error(PARAMETER_PROBLEM,
9c64ad
-						"wait seconds not numeric");
9c64ad
+			wait = parse_wait_time(argc, argv);
9c64ad
 			break;
9c64ad
 
9c64ad
 		case 'W':
9c64ad
@@ -1619,14 +1597,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 					      "You cannot use `-W' from "
9c64ad
 					      "iptables-restore");
9c64ad
 			}
9c64ad
-			if (optarg)
9c64ad
-				parse_wait_interval(optarg, &wait_interval);
9c64ad
-			else if (optind < argc &&
9c64ad
-				 argv[optind][0] != '-' &&
9c64ad
-				 argv[optind][0] != '!')
9c64ad
-				parse_wait_interval(argv[optind++],
9c64ad
-						    &wait_interval);
9c64ad
-
9c64ad
+			parse_wait_interval(argc, argv, &wait_interval);
9c64ad
 			wait_interval_set = true;
9c64ad
 			break;
9c64ad
 
9c64ad
@@ -1676,8 +1647,7 @@ int do_command4(int argc, char *argv[],
9c64ad
 			bcnt = strchr(pcnt + 1, ',');
9c64ad
 			if (bcnt)
9c64ad
 			    bcnt++;
9c64ad
-			if (!bcnt && optind < argc && argv[optind][0] != '-'
9c64ad
-			    && argv[optind][0] != '!')
9c64ad
+			if (!bcnt && xs_has_arg(argc, argv))
9c64ad
 				bcnt = argv[optind++];
9c64ad
 			if (!bcnt)
9c64ad
 				xtables_error(PARAMETER_PROBLEM,
9c64ad
diff -up iptables-1.4.21/iptables/xshared.c.remove_duplicated_argument_parsing iptables-1.4.21/iptables/xshared.c
9c64ad
--- iptables-1.4.21/iptables/xshared.c.remove_duplicated_argument_parsing	2017-04-05 14:51:44.042970550 +0200
9c64ad
+++ iptables-1.4.21/iptables/xshared.c	2017-04-05 14:51:44.045970574 +0200
9c64ad
@@ -285,12 +285,36 @@ bool xtables_lock(int wait, struct timev
9c64ad
 	}
9c64ad
 }
9c64ad
 
9c64ad
-void parse_wait_interval(const char *str, struct timeval *wait_interval)
9c64ad
+int parse_wait_time(int argc, char *argv[])
9c64ad
 {
9c64ad
+	int wait = -1;
9c64ad
+
9c64ad
+	if (optarg) {
9c64ad
+		if (sscanf(optarg, "%i", &wait) != 1)
9c64ad
+			xtables_error(PARAMETER_PROBLEM,
9c64ad
+				"wait seconds not numeric");
9c64ad
+	} else if (xs_has_arg(argc, argv))
9c64ad
+		if (sscanf(argv[optind++], "%i", &wait) != 1)
9c64ad
+			xtables_error(PARAMETER_PROBLEM,
9c64ad
+				"wait seconds not numeric");
9c64ad
+
9c64ad
+	return wait;
9c64ad
+}
9c64ad
+
9c64ad
+void parse_wait_interval(int argc, char *argv[], struct timeval *wait_interval)
9c64ad
+{
9c64ad
+	const char *arg;
9c64ad
 	unsigned int usec;
9c64ad
 	int ret;
9c64ad
 
9c64ad
-	ret = sscanf(str, "%u", &usec);
9c64ad
+	if (optarg)
9c64ad
+		arg = optarg;
9c64ad
+	else if (xs_has_arg(argc, argv))
9c64ad
+		arg = argv[optind++];
9c64ad
+	else
9c64ad
+		return;
9c64ad
+
9c64ad
+	ret = sscanf(arg, "%u", &usec);
9c64ad
 	if (ret == 1) {
9c64ad
 		if (usec > 999999)
9c64ad
 			xtables_error(PARAMETER_PROBLEM,
9c64ad
@@ -303,3 +327,10 @@ void parse_wait_interval(const char *str
9c64ad
 	}
9c64ad
 	xtables_error(PARAMETER_PROBLEM, "wait interval not numeric");
9c64ad
 }
9c64ad
+
9c64ad
+inline bool xs_has_arg(int argc, char *argv[])
9c64ad
+{
9c64ad
+	return optind < argc &&
9c64ad
+	       argv[optind][0] != '-' &&
9c64ad
+	       argv[optind][0] != '!';
9c64ad
+}
9c64ad
diff -up iptables-1.4.21/iptables/xshared.h.remove_duplicated_argument_parsing iptables-1.4.21/iptables/xshared.h
9c64ad
--- iptables-1.4.21/iptables/xshared.h.remove_duplicated_argument_parsing	2017-04-05 14:51:44.034970484 +0200
9c64ad
+++ iptables-1.4.21/iptables/xshared.h	2017-04-05 14:51:44.045970574 +0200
9c64ad
@@ -86,7 +86,9 @@ extern void xs_init_target(struct xtable
9c64ad
 extern void xs_init_match(struct xtables_match *);
9c64ad
 bool xtables_lock(int wait, struct timeval *wait_interval);
9c64ad
 
9c64ad
-void parse_wait_interval(const char *str, struct timeval *wait_interval);
9c64ad
+int parse_wait_time(int argc, char *argv[]);
9c64ad
+void parse_wait_interval(int argc, char *argv[], struct timeval *wait_interval);
9c64ad
+bool xs_has_arg(int argc, char *argv[]);
9c64ad
 
9c64ad
 extern const struct xtables_afinfo *afinfo;
9c64ad