diff options
| author | Patrick McHardy <kaber@trash.net> | 2011-02-01 10:27:25 -0500 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2011-02-01 10:27:25 -0500 |
| commit | 8da560ced56c423cd6d35803cd0244c944c676bd (patch) | |
| tree | 98b253c24eae0b385ebcf8036f30f6541681dd1d | |
| parent | d956798d82d2d331c031301965d69e17a1a48a2b (diff) | |
netfilter: ipset: use nla_parse_nested()
Replace calls of the form:
nla_parse(tb, ATTR_MAX, nla_data(attr), nla_len(attr), policy)
by:
nla_parse_nested(tb, ATTR_MAX, attr, policy)
Signed-off-by: Patrick McHardy <kaber@trash.net>
| -rw-r--r-- | net/netfilter/ipset/ip_set_core.c | 42 |
1 files changed, 16 insertions, 26 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 8a736247e85f..ae0f8b595106 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c | |||
| @@ -246,8 +246,7 @@ ip_set_get_ipaddr4(struct nlattr *nla, __be32 *ipaddr) | |||
| 246 | 246 | ||
| 247 | if (unlikely(!flag_nested(nla))) | 247 | if (unlikely(!flag_nested(nla))) |
| 248 | return -IPSET_ERR_PROTOCOL; | 248 | return -IPSET_ERR_PROTOCOL; |
| 249 | if (nla_parse(tb, IPSET_ATTR_IPADDR_MAX, nla_data(nla), nla_len(nla), | 249 | if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy)) |
| 250 | ipaddr_policy)) | ||
| 251 | return -IPSET_ERR_PROTOCOL; | 250 | return -IPSET_ERR_PROTOCOL; |
| 252 | if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV4))) | 251 | if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV4))) |
| 253 | return -IPSET_ERR_PROTOCOL; | 252 | return -IPSET_ERR_PROTOCOL; |
| @@ -265,8 +264,7 @@ ip_set_get_ipaddr6(struct nlattr *nla, union nf_inet_addr *ipaddr) | |||
| 265 | if (unlikely(!flag_nested(nla))) | 264 | if (unlikely(!flag_nested(nla))) |
| 266 | return -IPSET_ERR_PROTOCOL; | 265 | return -IPSET_ERR_PROTOCOL; |
| 267 | 266 | ||
| 268 | if (nla_parse(tb, IPSET_ATTR_IPADDR_MAX, nla_data(nla), nla_len(nla), | 267 | if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy)) |
| 269 | ipaddr_policy)) | ||
| 270 | return -IPSET_ERR_PROTOCOL; | 268 | return -IPSET_ERR_PROTOCOL; |
| 271 | if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV6))) | 269 | if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV6))) |
| 272 | return -IPSET_ERR_PROTOCOL; | 270 | return -IPSET_ERR_PROTOCOL; |
| @@ -666,10 +664,8 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb, | |||
| 666 | * Without holding any locks, create private part. | 664 | * Without holding any locks, create private part. |
| 667 | */ | 665 | */ |
| 668 | if (attr[IPSET_ATTR_DATA] && | 666 | if (attr[IPSET_ATTR_DATA] && |
| 669 | nla_parse(tb, IPSET_ATTR_CREATE_MAX, | 667 | nla_parse_nested(tb, IPSET_ATTR_CREATE_MAX, attr[IPSET_ATTR_DATA], |
| 670 | nla_data(attr[IPSET_ATTR_DATA]), | 668 | set->type->create_policy)) { |
| 671 | nla_len(attr[IPSET_ATTR_DATA]), | ||
| 672 | set->type->create_policy)) { | ||
| 673 | ret = -IPSET_ERR_PROTOCOL; | 669 | ret = -IPSET_ERR_PROTOCOL; |
| 674 | goto put_out; | 670 | goto put_out; |
| 675 | } | 671 | } |
| @@ -1169,10 +1165,9 @@ ip_set_uadd(struct sock *ctnl, struct sk_buff *skb, | |||
| 1169 | 1165 | ||
| 1170 | use_lineno = !!attr[IPSET_ATTR_LINENO]; | 1166 | use_lineno = !!attr[IPSET_ATTR_LINENO]; |
| 1171 | if (attr[IPSET_ATTR_DATA]) { | 1167 | if (attr[IPSET_ATTR_DATA]) { |
| 1172 | if (nla_parse(tb, IPSET_ATTR_ADT_MAX, | 1168 | if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, |
| 1173 | nla_data(attr[IPSET_ATTR_DATA]), | 1169 | attr[IPSET_ATTR_DATA], |
| 1174 | nla_len(attr[IPSET_ATTR_DATA]), | 1170 | set->type->adt_policy)) |
| 1175 | set->type->adt_policy)) | ||
| 1176 | return -IPSET_ERR_PROTOCOL; | 1171 | return -IPSET_ERR_PROTOCOL; |
| 1177 | ret = call_ad(skb, set, tb, IPSET_ADD, flags, use_lineno); | 1172 | ret = call_ad(skb, set, tb, IPSET_ADD, flags, use_lineno); |
| 1178 | } else { | 1173 | } else { |
| @@ -1182,9 +1177,8 @@ ip_set_uadd(struct sock *ctnl, struct sk_buff *skb, | |||
| 1182 | memset(tb, 0, sizeof(tb)); | 1177 | memset(tb, 0, sizeof(tb)); |
| 1183 | if (nla_type(nla) != IPSET_ATTR_DATA || | 1178 | if (nla_type(nla) != IPSET_ATTR_DATA || |
| 1184 | !flag_nested(nla) || | 1179 | !flag_nested(nla) || |
| 1185 | nla_parse(tb, IPSET_ATTR_ADT_MAX, | 1180 | nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, nla, |
| 1186 | nla_data(nla), nla_len(nla), | 1181 | set->type->adt_policy)) |
| 1187 | set->type->adt_policy)) | ||
| 1188 | return -IPSET_ERR_PROTOCOL; | 1182 | return -IPSET_ERR_PROTOCOL; |
| 1189 | ret = call_ad(skb, set, tb, IPSET_ADD, | 1183 | ret = call_ad(skb, set, tb, IPSET_ADD, |
| 1190 | flags, use_lineno); | 1184 | flags, use_lineno); |
| @@ -1224,10 +1218,9 @@ ip_set_udel(struct sock *ctnl, struct sk_buff *skb, | |||
| 1224 | 1218 | ||
| 1225 | use_lineno = !!attr[IPSET_ATTR_LINENO]; | 1219 | use_lineno = !!attr[IPSET_ATTR_LINENO]; |
| 1226 | if (attr[IPSET_ATTR_DATA]) { | 1220 | if (attr[IPSET_ATTR_DATA]) { |
| 1227 | if (nla_parse(tb, IPSET_ATTR_ADT_MAX, | 1221 | if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, |
| 1228 | nla_data(attr[IPSET_ATTR_DATA]), | 1222 | attr[IPSET_ATTR_DATA], |
| 1229 | nla_len(attr[IPSET_ATTR_DATA]), | 1223 | set->type->adt_policy)) |
| 1230 | set->type->adt_policy)) | ||
| 1231 | return -IPSET_ERR_PROTOCOL; | 1224 | return -IPSET_ERR_PROTOCOL; |
| 1232 | ret = call_ad(skb, set, tb, IPSET_DEL, flags, use_lineno); | 1225 | ret = call_ad(skb, set, tb, IPSET_DEL, flags, use_lineno); |
| 1233 | } else { | 1226 | } else { |
| @@ -1237,9 +1230,8 @@ ip_set_udel(struct sock *ctnl, struct sk_buff *skb, | |||
| 1237 | memset(tb, 0, sizeof(*tb)); | 1230 | memset(tb, 0, sizeof(*tb)); |
| 1238 | if (nla_type(nla) != IPSET_ATTR_DATA || | 1231 | if (nla_type(nla) != IPSET_ATTR_DATA || |
| 1239 | !flag_nested(nla) || | 1232 | !flag_nested(nla) || |
| 1240 | nla_parse(tb, IPSET_ATTR_ADT_MAX, | 1233 | nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, nla, |
| 1241 | nla_data(nla), nla_len(nla), | 1234 | set->type->adt_policy)) |
| 1242 | set->type->adt_policy)) | ||
| 1243 | return -IPSET_ERR_PROTOCOL; | 1235 | return -IPSET_ERR_PROTOCOL; |
| 1244 | ret = call_ad(skb, set, tb, IPSET_DEL, | 1236 | ret = call_ad(skb, set, tb, IPSET_DEL, |
| 1245 | flags, use_lineno); | 1237 | flags, use_lineno); |
| @@ -1269,10 +1261,8 @@ ip_set_utest(struct sock *ctnl, struct sk_buff *skb, | |||
| 1269 | if (set == NULL) | 1261 | if (set == NULL) |
| 1270 | return -ENOENT; | 1262 | return -ENOENT; |
| 1271 | 1263 | ||
| 1272 | if (nla_parse(tb, IPSET_ATTR_ADT_MAX, | 1264 | if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], |
| 1273 | nla_data(attr[IPSET_ATTR_DATA]), | 1265 | set->type->adt_policy)) |
| 1274 | nla_len(attr[IPSET_ATTR_DATA]), | ||
| 1275 | set->type->adt_policy)) | ||
| 1276 | return -IPSET_ERR_PROTOCOL; | 1266 | return -IPSET_ERR_PROTOCOL; |
| 1277 | 1267 | ||
| 1278 | read_lock_bh(&set->lock); | 1268 | read_lock_bh(&set->lock); |