On Thu, Dec 12, 2019 at 06:45:35PM +0100, Phil Sutter wrote:
> Hi Pablo,
>
> On Thu, Dec 12, 2019 at 06:14:55PM +0100, Pablo Neira Ayuso wrote:
> [...]
> > diff --git a/src/main.c b/src/main.c
> > index fde8b15c5870..c96953e3cd2f 100644
> > --- a/src/main.c
> > +++ b/src/main.c
> > @@ -202,29 +202,107 @@ static const struct {
> > },
> > };
> >
> > +struct nft_opts {
> > + char **argv;
> > + int argc;
> > +};
> > +
> > +static int nft_opts_init(int argc, char * const argv[], struct nft_opts *opts)
> > +{
> > + uint32_t scope = 0;
> > + char *new_argv;
> > + int i;
> > +
> > + opts->argv = calloc(argc + 1, sizeof(char *));
> > + if (!opts->argv)
> > + return -1;
> > +
> > + for (i = 0; i < argc; i++) {
> > + if (scope > 0) {
> > + if (argv[i][0] == '-') {
> > + new_argv = malloc(strlen(argv[i]) + 2);
> > + if (!new_argv)
> > + return -1;
> > +
> > + sprintf(new_argv, "\\-%s", &argv[i][1]);
> > + opts->argv[opts->argc++] = new_argv;
> > + continue;
> > + }
> > + } else if (argv[i][0] == '{') {
> > + scope++;
> > + } else if (argv[i][0] == '}') {
> > + scope--;
> > + }
>
> This first char check is not reliable, bison accepts commands which lack
> spaces in the relevant places:
>
> | # nft add chain inet t c{ type filter hook input priority filter\; }
> | # echo $?
> | 0
Yes, it won't catch that case. Do you think it is worth going further
in this preprocessing?
Incremental patch on top of this one is attached to this email.
diff --git a/src/main.c b/src/main.c
index c96953e3cd2f..dc867e89ee6d 100644
--- a/src/main.c
+++ b/src/main.c
@@ -228,9 +228,9 @@ static int nft_opts_init(int argc, char * const argv[], struct nft_opts *opts)
opts->argv[opts->argc++] = new_argv;
continue;
}
- } else if (argv[i][0] == '{') {
+ } else if (strchr(argv[i], '{')) {
scope++;
- } else if (argv[i][0] == '}') {
+ } else if (strchr(argv[i], '}')) {
scope--;
}
