Re: [PATCH nft 1/2] parser_json: use stdin buffer if available

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 10, 2024 at 04:01:19PM +0200, Phil Sutter wrote:
> On Wed, Jul 10, 2024 at 03:53:52PM +0200, Phil Sutter wrote:
> > Hi Pablo,
> > 
> > On Tue, Jul 09, 2024 at 04:59:52PM +0200, Pablo Neira Ayuso wrote:
> > > Since 5c2b2b0a2ba7 ("src: error reporting with -f and read from stdin")
> > > stdin is stored in a buffer, update json support to use it instead of
> > > reading from /dev/stdin.
> > > 
> > > Some systems do not provide /dev/stdin symlink to /proc/self/fd/0
> > > according to reporter (that mentions Yocto Linux as example).
> > > 
> > > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> > > ---
> > >  src/parser_json.c | 7 +++++++
> > >  1 file changed, 7 insertions(+)
> > > 
> > > diff --git a/src/parser_json.c b/src/parser_json.c
> > > index ee4657ee8044..4912d3608b2b 100644
> > > --- a/src/parser_json.c
> > > +++ b/src/parser_json.c
> > > @@ -4357,6 +4357,13 @@ int nft_parse_json_filename(struct nft_ctx *nft, const char *filename,
> > >  	json_error_t err;
> > >  	int ret;
> > >  
> > > +	if (nft->stdin_buf) {
> > > +		json_indesc.type = INDESC_STDIN;
> > > +		json_indesc.name = "/dev/stdin";
> > > +
> > > +		return nft_parse_json_buffer(nft, nft->stdin_buf, msgs, cmds);
> > > +	}
> > 
> > Is this sufficient? In nft_run_cmd_from_filename(), nft->stdin_buf is
> > populated conditionally:
> > 
> > | if (!strcmp(filename, "/dev/stdin") &&
> > |     !nft_output_json(&nft->output))
> > |         nft->stdin_buf = stdin_to_buffer();
> > 
> > Later (in the wrapped __nft_run_cmd_from_filename()), we try JSON parsing
> > conditionally:
> > 
> > | if (nft_output_json(&nft->output) || nft_input_json(&nft->input))
> > |         rc = nft_parse_json_filename(nft, filename, &msgs, &cmds);
> > 
> > Things got complicated by commit 2034d8c60ed91 ("src: add input flag
> > NFT_CTX_INPUT_JSON to enable JSON parsing") and my request to remain
> > compatible, i.e. '-j' flag which enables JSON output shall continue to
> > make JSON the assumed input format.
> > 
> > So long story short, I guess in order to cover all cases, we have to
> > enable nft->stdin_buf population also if nft_input_json(...) returns
> > true, i.e. cover for library users requesting JSON input (but standard
> > output). WDYT?
> 
> On second review, I think the right change is to make
> nft_run_cmd_from_filename() *always* populate nft->stdin_buf if
> 'filename' is '/dev/stdin', i.e. drop the !nft_output_json(...) clause.
> 
> Sorry for the confusion.

I can squash this incremental fix to 1/2 send post a v2.

Thanks.
diff --git a/src/libnftables.c b/src/libnftables.c
index af4734c05004..89317f9f6049 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -807,8 +807,7 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename)
 	if (!strcmp(filename, "-"))
 		filename = "/dev/stdin";
 
-	if (!strcmp(filename, "/dev/stdin") &&
-	    !nft_output_json(&nft->output))
+	if (!strcmp(filename, "/dev/stdin"))
 		nft->stdin_buf = stdin_to_buffer();
 
 	if (!nft->stdin_buf &&

[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux