git.ipfire.org Git - thirdparty/nftables.git/commit

author	Patrick McHardy <kaber@trash.net>
	Mon, 17 Feb 2014 14:06:44 +0000 (14:06 +0000)
committer	Patrick McHardy <kaber@trash.net>
	Mon, 17 Feb 2014 17:17:18 +0000 (17:17 +0000)
commit	0545e0c13b3b7dff4dd53c8a68d8d1066c2829c0
tree	a2047b0a0d7dd68919a7f5c08e99150534457d41	tree
parent	4a11511e936b5d38837137c9d04f047d4dab2c8f	commit \| diff

netlink: fix prefix expression handling

The prefix expression handling is full of bugs:

- netlink_gen_data() is used to construct the prefix mask from the full
  prefix expression. This is both conceptually wrong, the prefix expression
  is *not* data, and buggy, it only assumes network masks and thus only
  handles big endian types.

- Prefix expression reconstruction doesn't check whether the mask is a
  valid prefix and reconstructs crap otherwise. It doesn't reconstruct
  prefixes for anything but network addresses. On top of that its
  needlessly complicated, using the mpz values directly its a simple
  matter of finding the sequence of 1's that extend up to the full width.

- Unnecessary cloning of expressions where a simple refcount increase would
  suffice.

Rewrite that code properly.

Signed-off-by: Patrick McHardy <kaber@trash.net>

src/netlink.c		diff \| blob \| blame \| history
src/netlink_delinearize.c		diff \| blob \| blame \| history
src/netlink_linearize.c		diff \| blob \| blame \| history