src: use expression to store the log prefix

Intsead of using an array of char.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/include/expression.h b/include/expression.h
index 8135a516cf3ac16360753b42432251c6affd3045..87937a5040b3aab5ec21959db0d04a9e3597dc20 100644 (file)
--- a/include/expression.h
+++ b/include/expression.h
@@ -381,6 +381,8 @@ extern const struct datatype *expr_basetype(const struct expr *expr);
 extern void expr_set_type(struct expr *expr, const struct datatype *dtype,
                          enum byteorder byteorder);
 
+void expr_to_string(const struct expr *expr, char *string);
+
 struct eval_ctx;
 extern int expr_binary_error(struct list_head *msgs,
                             const struct expr *e1, const struct expr *e2,

diff --git a/include/linux/netfilter/nf_log.h b/include/linux/netfilter/nf_log.h
index 8be21e02387db67010fb26b50abb59201b9c0e5c..2ae00932d3d250c08e118413199a6c7d189de920 100644 (file)
--- a/include/linux/netfilter/nf_log.h
+++ b/include/linux/netfilter/nf_log.h
@@ -1,3 +1,4 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
 #ifndef _NETFILTER_NF_LOG_H
 #define _NETFILTER_NF_LOG_H
 
@@ -9,4 +10,6 @@
 #define NF_LOG_MACDECODE       0x20    /* Decode MAC header */
 #define NF_LOG_MASK            0x2f
 
+#define NF_LOG_PREFIXLEN       128
+
 #endif /* _NETFILTER_NF_LOG_H */

diff --git a/include/statement.h b/include/statement.h
index 7d96b3947dfc7a907f9cef6307c118c94d60fa64..061bc61949157c6f7076a9c23841e8d9c4fc16e5 100644 (file)
--- a/include/statement.h
+++ b/include/statement.h
@@ -75,7 +75,7 @@ enum {
 };
 
 struct log_stmt {
-       const char              *prefix;
+       struct expr             *prefix;
        unsigned int            snaplen;
        uint16_t                group;
        uint16_t                qthreshold;

diff --git a/src/expression.c b/src/expression.c
index a6bde70f508e1318cb1563021896a835d09d2fe1..fe529f98de7b153818d686955d3f8ac6d10c302d 100644 (file)
--- a/src/expression.c
+++ b/src/expression.c
@@ -175,6 +175,15 @@ void expr_describe(const struct expr *expr, struct output_ctx *octx)
        }
 }
 
+void expr_to_string(const struct expr *expr, char *string)
+{
+       int len = expr->len / BITS_PER_BYTE;
+
+       assert(expr->dtype == &string_type);
+
+       mpz_export_data(string, expr->value, BYTEORDER_HOST_ENDIAN, len);
+}
+
 void expr_set_type(struct expr *expr, const struct datatype *dtype,
                   enum byteorder byteorder)
 {

diff --git a/src/json.c b/src/json.c
index ed7131816d7d0651660df1b65fc394823aa83b56..24583060e68e7906b08bd17e1a621167d4e325fb 100644 (file)
--- a/src/json.c
+++ b/src/json.c
@@ -1224,9 +1224,12 @@ json_t *log_stmt_json(const struct stmt *stmt, struct output_ctx *octx)
 {
        json_t *root = json_object(), *flags;
 
-       if (stmt->log.flags & STMT_LOG_PREFIX)
-               json_object_set_new(root, "prefix",
-                                   json_string(stmt->log.prefix));
+       if (stmt->log.flags & STMT_LOG_PREFIX) {
+               char prefix[NF_LOG_PREFIXLEN] = {};
+
+               expr_to_string(stmt->log.prefix, prefix);
+               json_object_set_new(root, "prefix", json_string(prefix));
+       }
        if (stmt->log.flags & STMT_LOG_GROUP)
                json_object_set_new(root, "group",
                                    json_integer(stmt->log.group));

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 8de4830c4f806c8d8d304593ee7371ca670951c3..7d7e07cf89ced7790fdf71cdb1aed6e6c846b343 100644 (file)
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -901,7 +901,11 @@ static void netlink_parse_log(struct netlink_parse_ctx *ctx,
        stmt = log_stmt_alloc(loc);
        prefix = nftnl_expr_get_str(nle, NFTNL_EXPR_LOG_PREFIX);
        if (nftnl_expr_is_set(nle, NFTNL_EXPR_LOG_PREFIX)) {
-               stmt->log.prefix = xstrdup(prefix);
+               stmt->log.prefix = constant_expr_alloc(&internal_location,
+                                                      &string_type,
+                                                      BYTEORDER_HOST_ENDIAN,
+                                                      (strlen(prefix) + 1) * BITS_PER_BYTE,
+                                                      prefix);
                stmt->log.flags |= STMT_LOG_PREFIX;
        }
        if (nftnl_expr_is_set(nle, NFTNL_EXPR_LOG_GROUP)) {

diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 08f7f89f1066a645172b63896e66a1285476d19d..528f1e5cd0fefc37ec6078c61fda122543943442 100644 (file)
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -10,6 +10,7 @@
  */
 
 #include <linux/netfilter/nf_tables.h>
+#include <linux/netfilter/nf_log.h>
 
 #include <string.h>
 #include <rule.h>
@@ -1006,8 +1007,10 @@ static void netlink_gen_log_stmt(struct netlink_linearize_ctx *ctx,
 
        nle = alloc_nft_expr("log");
        if (stmt->log.prefix != NULL) {
-               nftnl_expr_set_str(nle, NFTNL_EXPR_LOG_PREFIX,
-                                     stmt->log.prefix);
+               char prefix[NF_LOG_PREFIXLEN] = {};
+
+               expr_to_string(stmt->log.prefix, prefix);
+               nftnl_expr_set_str(nle, NFTNL_EXPR_LOG_PREFIX, prefix);
        }
        if (stmt->log.flags & STMT_LOG_GROUP) {
                nftnl_expr_set_u16(nle, NFTNL_EXPR_LOG_GROUP, stmt->log.group);

diff --git a/src/parser_bison.y b/src/parser_bison.y
index 72e67186c91348a92a3901b69e49f5fde659afd1..2fecc3472fbaacb12903ab7c3eaf1cd9efbf4aa7 100644 (file)
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2636,7 +2636,12 @@ log_args         :       log_arg
 
 log_arg                        :       PREFIX                  string
                        {
-                               $<stmt>0->log.prefix     = $2;
+                               struct expr *expr;
+
+                               expr = constant_expr_alloc(&@$, &string_type,
+                                                          BYTEORDER_HOST_ENDIAN,
+                                                          strlen($2) * BITS_PER_BYTE, $2);
+                               $<stmt>0->log.prefix     = expr;
                                $<stmt>0->log.flags     |= STMT_LOG_PREFIX;
                        }
                        |       GROUP                   NUM

diff --git a/src/parser_json.c b/src/parser_json.c
index 9fdef6913ad5687627de42e206682eb8e68be3b1..59347168cdc86a7cc2b900ce6bba1d4c4adb867e 100644 (file)
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -2159,7 +2159,9 @@ static struct stmt *json_parse_log_stmt(struct json_ctx *ctx,
        stmt = log_stmt_alloc(int_loc);
 
        if (!json_unpack(value, "{s:s}", "prefix", &tmpstr)) {
-               stmt->log.prefix = xstrdup(tmpstr);
+               stmt->log.prefix = constant_expr_alloc(int_loc, &string_type,
+                                                      BYTEORDER_HOST_ENDIAN,
+                                                      (strlen(tmpstr) + 1) * BITS_PER_BYTE, tmpstr);
                stmt->log.flags |= STMT_LOG_PREFIX;
        }
        if (!json_unpack(value, "{s:i}", "group", &tmp)) {

diff --git a/src/statement.c b/src/statement.c
index 21a1bc8d40dd58aa73b0f8ab56e2576f36a2f517..afedbba21b750937bec6109ff88c32318e85137c 100644 (file)
--- a/src/statement.c
+++ b/src/statement.c
@@ -18,6 +18,7 @@
 
 #include <arpa/inet.h>
 #include <linux/netfilter.h>
+#include <linux/netfilter/nf_log.h>
 #include <netinet/ip_icmp.h>
 #include <netinet/icmp6.h>
 #include <statement.h>
@@ -300,8 +301,12 @@ int log_level_parse(const char *level)
 static void log_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
 {
        nft_print(octx, "log");
-       if (stmt->log.flags & STMT_LOG_PREFIX)
-               nft_print(octx, " prefix \"%s\"", stmt->log.prefix);
+       if (stmt->log.flags & STMT_LOG_PREFIX) {
+               char prefix[NF_LOG_PREFIXLEN] = {};
+
+               expr_to_string(stmt->log.prefix, prefix);
+               nft_print(octx, " prefix \"%s\"", prefix);
+       }
        if (stmt->log.flags & STMT_LOG_GROUP)
                nft_print(octx, " group %u", stmt->log.group);
        if (stmt->log.flags & STMT_LOG_SNAPLEN)
@@ -338,7 +343,7 @@ static void log_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
 
 static void log_stmt_destroy(struct stmt *stmt)
 {
-       xfree(stmt->log.prefix);
+       expr_free(stmt->log.prefix);
 }
 
 static const struct stmt_ops log_stmt_ops = {