ipset: fix json output format for IPSET_OPT_IP

IPSET_OPT_IP should be quoted to be a well formed json file, otherwise see
following bad example (range is not quoted):

  # ipset create foo bitmap:ip range 192.168.0.0/16
  # ipset list -o json foo
  [
    {
      "name" : "foo",
      "type" : "bitmap:ip",
      "revision" : 3,
      "header" : {
        "range" : 192.168.0.0-192.168.255.255,
        "memsize" : 8280,
        "references" : 0,
        "numentries" : 0
      },
      "members" : [
      ]
    }
  ]

Signed-off-by: Z. Liu <liuzx@knownsec.com>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>

diff --git a/lib/print.c b/lib/print.c
index 6ea79cb421636501819a65c3a1342c8a089e8c03..3806e1c04736beb2541680926f1c654274c218d0 100644 (file)
--- a/lib/print.c
+++ b/lib/print.c
@@ -261,6 +261,7 @@ ipset_print_ip(char *buf, unsigned int len,
        uint8_t family, cidr;
        int flags, size, offset = 0;
        enum ipset_opt cidropt;
+       const char *quoted = env & IPSET_ENV_QUOTED ? "\"" : "";
 
        assert(buf);
        assert(len > 0);
@@ -277,20 +278,26 @@ ipset_print_ip(char *buf, unsigned int len,
                cidr = family == NFPROTO_IPV6 ? 128 : 32;
        flags = (env & IPSET_ENV_RESOLVE) ? 0 : NI_NUMERICHOST;
 
+       size = snprintf(buf, len, "%s", quoted);
+       SNPRINTF_FAILURE(size, len, offset);
+
        ip = ipset_data_get(data, opt);
        assert(ip);
        if (family == NFPROTO_IPV4)
-               size = snprintf_ipv4(buf, len, flags, ip, cidr);
+               size = snprintf_ipv4(buf + offset, len, flags, ip, cidr);
        else if (family == NFPROTO_IPV6)
-               size = snprintf_ipv6(buf, len, flags, ip, cidr);
+               size = snprintf_ipv6(buf + offset, len, flags, ip, cidr);
        else
                return -1;
        D("size %i, len %u", size, len);
        SNPRINTF_FAILURE(size, len, offset);
 
        D("len: %u, offset %u", len, offset);
-       if (!ipset_data_test(data, IPSET_OPT_IP_TO))
+       if (!ipset_data_test(data, IPSET_OPT_IP_TO)) {
+               size = snprintf(buf + offset, len, "%s", quoted);
+               SNPRINTF_FAILURE(size, len, offset);
                return offset;
+       }
 
        size = snprintf(buf + offset, len, "%s", IPSET_RANGE_SEPARATOR);
        SNPRINTF_FAILURE(size, len, offset);
@@ -304,6 +311,10 @@ ipset_print_ip(char *buf, unsigned int len,
                return -1;
 
        SNPRINTF_FAILURE(size, len, offset);
+
+       size = snprintf(buf + offset, len, "%s", quoted);
+       SNPRINTF_FAILURE(size, len, offset);
+
        return offset;
 }