On Thu, Dec 12, 2019 at 07:27:45PM +0100, Jan Engelhardt wrote:
> On Thursday 2019-12-12 18:45, Phil Sutter wrote:
> >[...]
> >> diff --git a/src/main.c b/src/main.c
> >> index fde8b15c5870..c96953e3cd2f 100644
> >> --- a/src/main.c
> >> +++ b/src/main.c
> >> +static int nft_opts_init(int argc, char * const argv[], struct nft_opts *opts)
> >> +{
> >> + uint32_t scope = 0;
> >> + char *new_argv;
> >> + int i;
> >> +
> >> + opts->argv = calloc(argc + 1, sizeof(char *));
> >> + if (!opts->argv)
> >> + return -1;
> >> +
> >> + for (i = 0; i < argc; i++) {
> >> + if (scope > 0) {
> >> + if (argv[i][0] == '-') {
> >> + new_argv = malloc(strlen(argv[i]) + 2);
> [...]
>
> Or simply stop taking options after the first-non option.
> This is declared POSIX behavior, and, for glibc, it only needs the
> POSIXLY_CORRECT environment variable, which can be set ahead of
> getopt()/getopt_long() call and unset afterwards again.
I think we tried that already, IIRC it breaks: nft list ruleset -a
which is in the test scripts.
The most sane approach from programmer perspective is to force users
to place options upfront. Otherwise, this needs this ugly
preprocessing which gives a bit more flexibility to users in turn.
