On Thu, Dec 12, 2019 at 06:45:35PM +0100, Phil Sutter wrote: > Hi Pablo, > > On Thu, Dec 12, 2019 at 06:14:55PM +0100, Pablo Neira Ayuso wrote: > [...] > > diff --git a/src/main.c b/src/main.c > > index fde8b15c5870..c96953e3cd2f 100644 > > --- a/src/main.c > > +++ b/src/main.c > > @@ -202,29 +202,107 @@ static const struct { > > }, > > }; > > > > +struct nft_opts { > > + char **argv; > > + int argc; > > +}; > > + > > +static int nft_opts_init(int argc, char * const argv[], struct nft_opts *opts) > > +{ > > + uint32_t scope = 0; > > + char *new_argv; > > + int i; > > + > > + opts->argv = calloc(argc + 1, sizeof(char *)); > > + if (!opts->argv) > > + return -1; > > + > > + for (i = 0; i < argc; i++) { > > + if (scope > 0) { > > + if (argv[i][0] == '-') { > > + new_argv = malloc(strlen(argv[i]) + 2); > > + if (!new_argv) > > + return -1; > > + > > + sprintf(new_argv, "\\-%s", &argv[i][1]); > > + opts->argv[opts->argc++] = new_argv; > > + continue; > > + } > > + } else if (argv[i][0] == '{') { > > + scope++; > > + } else if (argv[i][0] == '}') { > > + scope--; > > + } > > This first char check is not reliable, bison accepts commands which lack > spaces in the relevant places: > > | # nft add chain inet t c{ type filter hook input priority filter\; } > | # echo $? > | 0 Yes, it won't catch that case. Do you think it is worth going further in this preprocessing? Incremental patch on top of this one is attached to this email.
diff --git a/src/main.c b/src/main.c index c96953e3cd2f..dc867e89ee6d 100644 --- a/src/main.c +++ b/src/main.c @@ -228,9 +228,9 @@ static int nft_opts_init(int argc, char * const argv[], struct nft_opts *opts) opts->argv[opts->argc++] = new_argv; continue; } - } else if (argv[i][0] == '{') { + } else if (strchr(argv[i], '{')) { scope++; - } else if (argv[i][0] == '}') { + } else if (strchr(argv[i], '}')) { scope--; }