Hi Pablo, On Fri, Feb 14, 2020 at 06:42:00PM +0100, Pablo Neira Ayuso wrote: > On Fri, Feb 14, 2020 at 06:34:50PM +0100, Phil Sutter wrote: > > On Fri, Feb 14, 2020 at 06:32:47PM +0100, Pablo Neira Ayuso wrote: > > > On Fri, Feb 14, 2020 at 06:24:17PM +0100, Phil Sutter wrote: > > > > Typical idiom for *_get_u*() getters is to call *_get_data() and make > > > > sure data_len matches what each of them is returning. Yet they shouldn't > > > > trust *_get_data() to write into passed pointer to data_len since for > > > > chains and NFTNL_CHAIN_DEVICES attribute, it does not. Make sure these > > > > assert() calls trigger in those cases. > > > > > > The intention to catch for unset attributes through the assertion, > > > right? > > > > No, this is about making sure that no wrong getter is called, e.g. > > nftnl_chain_get_u64() with e.g. NFTNL_CHAIN_HOOKNUM attribute which is > > only 32bits. > > I think it will also catch the case I'm asking. If attribute is unset, > then nftnl_chain_get_data() returns NULL and the assertion checks > data_len, which has not been properly initialized. With nftnl_assert() being (shortened): | #define nftnl_assert(val, attr, expr) \ | ((!val || expr) ? \ | (void)0 : __nftnl_assert_fail(attr, __FILE__, __LINE__)) Check for 'expr' (which is passed as 'data_len == sizeof(<something>)') will only happen if 'val' is not NULL. Callers then return like so: | return val ? *val : 0; This means that if you pass an unset attribute to the getter, it will simply return 0. Cheers, Phil
