libnftnl: allow any set name length

Unfortunately libnftnl restricts the set names in the lookup and dynset
expressions to 16 bytes. Remove this restriction so this can work with
the upcoming 4.7 Linux kernel.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/expr/dynset.c b/src/expr/dynset.c
index ec8f2d3a130f2964e175f97a99de306a18b5c2eb..e82b10b16ae8ac613a43376be89f166c3b77f1fc 100644 (file)
--- a/src/expr/dynset.c
+++ b/src/expr/dynset.c
@@ -22,17 +22,13 @@
 #include "expr_ops.h"
 #include <buffer.h>
 
-#ifndef IFNAMSIZ
-#define IFNAMSIZ       16
-#endif
-
 struct nftnl_expr_dynset {
        enum nft_registers      sreg_key;
        enum nft_registers      sreg_data;
        enum nft_dynset_ops     op;
        uint64_t                timeout;
        struct nftnl_expr       *expr;
-       char                    set_name[IFNAMSIZ];
+       char                    *set_name;
        uint32_t                set_id;
 };
 
@@ -56,8 +52,7 @@ nftnl_expr_dynset_set(struct nftnl_expr *e, uint16_t type,
                dynset->timeout = *((uint64_t *)data);
                break;
        case NFTNL_EXPR_DYNSET_SET_NAME:
-               snprintf(dynset->set_name, sizeof(dynset->set_name), "%s",
-                        (const char *)data);
+               dynset->set_name = strdup((const char *)data);
                break;
        case NFTNL_EXPR_DYNSET_SET_ID:
                dynset->set_id = *((uint32_t *)data);
@@ -186,7 +181,8 @@ nftnl_expr_dynset_parse(struct nftnl_expr *e, struct nlattr *attr)
                e->flags |= (1 << NFTNL_EXPR_DYNSET_TIMEOUT);
        }
        if (tb[NFTA_DYNSET_SET_NAME]) {
-               strcpy(dynset->set_name, mnl_attr_get_str(tb[NFTA_DYNSET_SET_NAME]));
+               dynset->set_name =
+                       strdup(mnl_attr_get_str(tb[NFTA_DYNSET_SET_NAME]));
                e->flags |= (1 << NFTNL_EXPR_DYNSET_SET_NAME);
        }
        if (tb[NFTA_DYNSET_SET_ID]) {
@@ -361,10 +357,18 @@ nftnl_expr_dynset_snprintf(char *buf, size_t size, uint32_t type,
        return -1;
 }
 
+static void nftnl_expr_dynset_free(struct nftnl_expr *e)
+{
+       struct nftnl_expr_dynset *dynset = nftnl_expr_data(e);
+
+       xfree(dynset->set_name);
+}
+
 struct expr_ops expr_ops_dynset = {
        .name           = "dynset",
        .alloc_len      = sizeof(struct nftnl_expr_dynset),
        .max_attr       = NFTA_DYNSET_MAX,
+       .free           = nftnl_expr_dynset_free,
        .set            = nftnl_expr_dynset_set,
        .get            = nftnl_expr_dynset_get,
        .parse          = nftnl_expr_dynset_parse,

diff --git a/src/expr/lookup.c b/src/expr/lookup.c
index d911cb6e2588bceeaa95431c6640bfa8aa4ea833..b26d9e54b5c22e88ff598effc9643b5317669849 100644 (file)
--- a/src/expr/lookup.c
+++ b/src/expr/lookup.c
@@ -21,14 +21,10 @@
 #include <libnftnl/rule.h>
 #include <libnftnl/expr.h>
 
-#ifndef IFNAMSIZ
-#define IFNAMSIZ       16
-#endif
-
 struct nftnl_expr_lookup {
        enum nft_registers      sreg;
        enum nft_registers      dreg;
-       char                    set_name[IFNAMSIZ];
+       char                    *set_name;
        uint32_t                set_id;
 };
 
@@ -46,8 +42,7 @@ nftnl_expr_lookup_set(struct nftnl_expr *e, uint16_t type,
                lookup->dreg = *((uint32_t *)data);
                break;
        case NFTNL_EXPR_LOOKUP_SET:
-               snprintf(lookup->set_name, sizeof(lookup->set_name), "%s",
-                        (const char *)data);
+               lookup->set_name = strdup((const char *)data);
                break;
        case NFTNL_EXPR_LOOKUP_SET_ID:
                lookup->set_id = *((uint32_t *)data);
@@ -140,7 +135,8 @@ nftnl_expr_lookup_parse(struct nftnl_expr *e, struct nlattr *attr)
                e->flags |= (1 << NFTNL_EXPR_LOOKUP_DREG);
        }
        if (tb[NFTA_LOOKUP_SET]) {
-               strcpy(lookup->set_name, mnl_attr_get_str(tb[NFTA_LOOKUP_SET]));
+               lookup->set_name =
+                       strdup(mnl_attr_get_str(tb[NFTA_LOOKUP_SET]));
                e->flags |= (1 << NFTNL_EXPR_LOOKUP_SET);
        }
        if (tb[NFTA_LOOKUP_SET_ID]) {
@@ -258,10 +254,18 @@ nftnl_expr_lookup_snprintf(char *buf, size_t size, uint32_t type,
        return -1;
 }
 
+static void nftnl_expr_lookup_free(struct nftnl_expr *e)
+{
+       struct nftnl_expr_lookup *lookup = nftnl_expr_data(e);
+
+       xfree(lookup->set_name);
+}
+
 struct expr_ops expr_ops_lookup = {
        .name           = "lookup",
        .alloc_len      = sizeof(struct nftnl_expr_lookup),
        .max_attr       = NFTA_LOOKUP_MAX,
+       .free           = nftnl_expr_lookup_free,
        .set            = nftnl_expr_lookup_set,
        .get            = nftnl_expr_lookup_get,
        .parse          = nftnl_expr_lookup_parse,