[PATCH nft] src: revert hashtable for expression handlers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Partially revert 913979f882d1 ("src: add expression handler hashtable")
which is causing a crash with two instances of the nftables handler.

$ sudo python
[sudo] password for echerkashin:
Python 3.9.7 (default, Sep  3 2021, 06:18:44)
[GCC 11.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from nftables import Nftables
>>> n1=Nftables()
>>> n2=Nftables()
>>> <Ctrl-D>
double free or corruption (top)
Aborted

Reported-by: Eugene Crosser <crosser@xxxxxxxxxxx>
Suggested-by: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/netlink.h         |  3 ---
 src/libnftables.c         |  2 --
 src/netlink_delinearize.c | 40 ++++++++++-----------------------------
 3 files changed, 10 insertions(+), 35 deletions(-)

diff --git a/include/netlink.h b/include/netlink.h
index 0c8655ca19cf..2467ff82a520 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -215,9 +215,6 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type,
 
 enum nft_data_types dtype_map_to_kernel(const struct datatype *dtype);
 
-void expr_handler_init(void);
-void expr_handler_exit(void);
-
 void netlink_linearize_init(struct netlink_linearize_ctx *lctx,
 			    struct nftnl_rule *nlr);
 void netlink_linearize_fini(struct netlink_linearize_ctx *lctx);
diff --git a/src/libnftables.c b/src/libnftables.c
index aa6493aae119..fc52fbc35d21 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -106,13 +106,11 @@ static void nft_init(struct nft_ctx *ctx)
 	realm_table_rt_init(ctx);
 	devgroup_table_init(ctx);
 	ct_label_table_init(ctx);
-	expr_handler_init();
 }
 
 static void nft_exit(struct nft_ctx *ctx)
 {
 	cache_free(&ctx->cache.table_cache);
-	expr_handler_exit();
 	ct_label_table_exit(ctx);
 	realm_table_rt_exit(ctx);
 	devgroup_table_exit(ctx);
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index f2207ea1d43e..bd75ad5cbe1e 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1750,46 +1750,26 @@ static const struct expr_handler netlink_parsers[] = {
 	{ .name = "synproxy",	.parse = netlink_parse_synproxy },
 };
 
-static const struct expr_handler **expr_handle_ht;
-
-#define NFT_EXPR_HSIZE	4096
-
-void expr_handler_init(void)
-{
-	unsigned int i;
-	uint32_t hash;
-
-	expr_handle_ht = xzalloc_array(NFT_EXPR_HSIZE,
-				       sizeof(expr_handle_ht[0]));
-
-	for (i = 0; i < array_size(netlink_parsers); i++) {
-		hash = djb_hash(netlink_parsers[i].name) % NFT_EXPR_HSIZE;
-		assert(expr_handle_ht[hash] == NULL);
-		expr_handle_ht[hash] = &netlink_parsers[i];
-	}
-}
-
-void expr_handler_exit(void)
-{
-	xfree(expr_handle_ht);
-}
-
 static int netlink_parse_expr(const struct nftnl_expr *nle,
 			      struct netlink_parse_ctx *ctx)
 {
 	const char *type = nftnl_expr_get_str(nle, NFTNL_EXPR_NAME);
 	struct location loc;
-	uint32_t hash;
+	unsigned int i;
 
 	memset(&loc, 0, sizeof(loc));
 	loc.indesc = &indesc_netlink;
 	loc.nle = nle;
 
-	hash = djb_hash(type) % NFT_EXPR_HSIZE;
-	if (expr_handle_ht[hash])
-		expr_handle_ht[hash]->parse(ctx, &loc, nle);
-	else
-		netlink_error(ctx, &loc, "unknown expression type '%s'", type);
+	for (i = 0; i < array_size(netlink_parsers); i++) {
+		if (strcmp(type, netlink_parsers[i].name))
+			continue;
+
+		netlink_parsers[i].parse(ctx, &loc, nle);
+
+		return 0;
+	}
+	netlink_error(ctx, &loc, "unknown expression type '%s'", type);
 
 	return 0;
 }
-- 
2.20.1




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux