On Thu, Nov 16, 2017 at 02:38:24PM +0100, Pablo Neira Ayuso wrote: > On Thu, Nov 16, 2017 at 09:06:29AM +0100, Phil Sutter wrote: > > This introduces a rather nasty macro to call nftnl_*_fprintf() only if > > output_fp is valid. On the other hand, it allows to pull the common > > parts (format argument, event conversion) into a single place. > > > > Signed-off-by: Phil Sutter <phil@xxxxxx> > > --- > > src/netlink.c | 38 ++++++++++++++++++-------------------- > > 1 file changed, 18 insertions(+), 20 deletions(-) > > > > diff --git a/src/netlink.c b/src/netlink.c > > index 845eeeffd7387..81b92ac1e2d7c 100644 > > --- a/src/netlink.c > > +++ b/src/netlink.c > > @@ -40,6 +40,12 @@ > > #include <iface.h> > > > > #define nft_mon_print(monh, ...) nft_print(monh->ctx->octx, __VA_ARGS__) > > +#define nftnl_mon_print(monh, type, obj, event) \ > > + if (monh->ctx->octx->output_fp) { \ > > + nftnl_##type##_fprintf(monh->ctx->octx->output_fp, \ > > + obj, monh->format, \ > > + netlink_msg2nftnl_of(event)); \ > > + } > > Wait. > > Can't we just change nftnl_*_fprintf to do nothing if output_fp is > NULL. > > That should be safe. Looks like you just caught me trying to avoid changing libnftnl. :D Yet I still consider the macro valuable since it avoids the nasty pointer deref chain. I'll prepare a patch to libnftnl and then provide v2 of this patch with simplified nftnl_mon_print() macro. ACK? Thanks, Phil -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html