CVS commit: src/usr.sbin/npf/npfctl

Sat, 10 Aug 2019 15:24:18 -0700 

Module Name:    src
Committed By:   rmind
Date:           Sat Aug 10 22:23:55 UTC 2019

Modified Files:
        src/usr.sbin/npf/npfctl: npf_show.c

Log Message:
npfctl show/validate: fix couple bugs in multiple table/port representation.
Fixes PR/54122.


To generate a diff of this commit:
cvs rdiff -u -r1.28 -r1.29 src/usr.sbin/npf/npfctl/npf_show.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/usr.sbin/npf/npfctl/npf_show.c
diff -u src/usr.sbin/npf/npfctl/npf_show.c:1.28 src/usr.sbin/npf/npfctl/npf_show.c:1.29
--- src/usr.sbin/npf/npfctl/npf_show.c:1.28	Tue Jul 23 00:52:02 2019
+++ src/usr.sbin/npf/npfctl/npf_show.c	Sat Aug 10 22:23:55 2019
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2013 The NetBSD Foundation, Inc.
+ * Copyright (c) 2013-2019 The NetBSD Foundation, Inc.
  * All rights reserved.
  *
  * This code is derived from software contributed to The NetBSD Foundation
@@ -34,7 +34,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: npf_show.c,v 1.28 2019/07/23 00:52:02 rmind Exp $");
+__RCSID("$NetBSD: npf_show.c,v 1.29 2019/08/10 22:23:55 rmind Exp $");
 
 #include <sys/socket.h>
 #define	__FAVOR_BSD
@@ -220,21 +220,29 @@ print_tcpflags(npf_conf_info_t *ctx __un
 }
 
 static char *
-print_portrange(npf_conf_info_t *ctx, const uint32_t *words)
+print_pbarrier(npf_conf_info_t *ctx, const uint32_t *words __unused)
+{
+	if (ctx->curmark == BM_SRC_PORTS && (ctx->flags & SEEN_SRC) == 0) {
+		ctx->flags |= SEEN_SRC;
+		return estrdup("from any");
+	}
+	if (ctx->curmark == BM_DST_PORTS && (ctx->flags & SEEN_DST) == 0) {
+		ctx->flags |= SEEN_DST;
+		return estrdup("to any");
+	}
+	return NULL;
+}
+
+static char *
+print_portrange(npf_conf_info_t *ctx __unused, const uint32_t *words)
 {
 	u_int fport = words[0], tport = words[1];
-	const char *any_str = "";
 	char *p;
 
-	if (ctx->curmark == BM_SRC_PORTS && (ctx->flags & SEEN_SRC) == 0)
-		any_str = "from any ";
-	if (ctx->curmark == BM_DST_PORTS && (ctx->flags & SEEN_DST) == 0)
-		any_str = "to any ";
-
 	if (fport != tport) {
-		easprintf(&p, "%sport %u:%u", any_str, fport, tport);
+		easprintf(&p, "%u-%u", fport, tport);
 	} else {
-		easprintf(&p, "%sport %u", any_str, fport);
+		easprintf(&p, "%u", fport);
 	}
 	return p;
 }
@@ -283,12 +291,14 @@ static const struct mark_keyword_mapent 
 	{ BM_ICMP_CODE,	"code %s",	NULL, 0,	print_number,	1 },
 
 	{ BM_SRC_CIDR,	"from %s",	", ", SEEN_SRC,	print_address,	6 },
-	{ BM_SRC_TABLE,	"from %s",	NULL, SEEN_SRC,	print_table,	1 },
-	{ BM_SRC_PORTS,	"%s",		", ", 0,	print_portrange,2 },
+	{ BM_SRC_TABLE,	"from %s",	", ", SEEN_SRC,	print_table,	1 },
+	{ BM_SRC_PORTS,	"%s",		NULL, 0,	print_pbarrier,	2 },
+	{ BM_SRC_PORTS,	"port %s",	", ", 0,	print_portrange,2 },
 
 	{ BM_DST_CIDR,	"to %s",	", ", SEEN_DST,	print_address,	6 },
-	{ BM_DST_TABLE,	"to %s",	NULL, SEEN_DST,	print_table,	1 },
-	{ BM_DST_PORTS,	"%s",		", ", 0,	print_portrange,2 },
+	{ BM_DST_TABLE,	"to %s",	", ", SEEN_DST,	print_table,	1 },
+	{ BM_DST_PORTS,	"%s",		NULL, 0,	print_pbarrier,	2 },
+	{ BM_DST_PORTS,	"port %s",	", ", 0,	print_portrange,2 },
 };
 
 static const char * __attribute__((format_arg(2)))
@@ -314,13 +324,17 @@ scan_marks(npf_conf_info_t *ctx, const s
 			errx(EXIT_FAILURE, "byte-code marking inconsistency");
 		}
 		if (m == mk->mark) {
+			char *val;
+
 			/* Set the current mark and the flags. */
 			ctx->flags |= mk->set_flags;
 			ctx->curmark = m;
 
 			/* Value is processed by the print function. */
 			assert(mk->fwords == nwords);
-			vals[nvals++] = mk->printfn(ctx, marks);
+			if ((val = mk->printfn(ctx, marks)) != NULL) {
+				vals[nvals++] = val;
+			}
 		}
 		marks += nwords;
 		mlen -= nwords;

Reply via email to