From owner-svn-src-projects@FreeBSD.ORG Fri Aug 8 21:09:23 2014 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3028F6FD for ; Fri, 8 Aug 2014 21:09:23 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 103CD2CF0 for ; Fri, 8 Aug 2014 21:09:23 +0000 (UTC) Received: from melifaro (uid 1268) (envelope-from melifaro@FreeBSD.org) id 21fe by svn.freebsd.org (DragonFly Mail Agent v0.9+); Fri, 08 Aug 2014 21:09:22 +0000 From: Alexander V. Chernikov Date: Fri, 8 Aug 2014 21:09:22 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r269739 - in projects/ipfw: sbin/ipfw sys/netpfil/ipfw X-SVN-Group: projects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Message-Id: <53e53c82.21fe.1ded5f02@svn.freebsd.org> X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Aug 2014 21:09:23 -0000 Author: melifaro Date: Fri Aug 8 21:09:22 2014 New Revision: 269739 URL: http://svnweb.freebsd.org/changeset/base/269739 Log: Kernel changes: * Fix buffer calculation for table dumps * Fix IPv6 radix entiries addition broken in r269371. Userland changes: * Fix bug in retrieving statric ruleset * Fix several bugs in retrieving table list Modified: projects/ipfw/sbin/ipfw/ipfw2.c projects/ipfw/sbin/ipfw/tables.c projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c projects/ipfw/sys/netpfil/ipfw/ip_fw_table_algo.c Modified: projects/ipfw/sbin/ipfw/ipfw2.c ============================================================================== --- projects/ipfw/sbin/ipfw/ipfw2.c Fri Aug 8 19:39:40 2014 (r269738) +++ projects/ipfw/sbin/ipfw/ipfw2.c Fri Aug 8 21:09:22 2014 (r269739) @@ -2659,7 +2659,7 @@ ipfw_get_config(struct cmdline_opts *co, sz = 4096; cfg = NULL; - for (i = 0; i < 10; i++) { + for (i = 0; i < 16; i++) { if (cfg != NULL) free(cfg); if ((cfg = calloc(1, sz)) == NULL) @@ -2676,9 +2676,10 @@ ipfw_get_config(struct cmdline_opts *co, } /* Buffer size is not enough. Try to increase */ - sz = sz * 2 + 200; + sz = sz * 2; if (sz < cfg->size) - sz = cfg->size + 200; + sz = cfg->size; + continue; } *pcfg = cfg; Modified: projects/ipfw/sbin/ipfw/tables.c ============================================================================== --- projects/ipfw/sbin/ipfw/tables.c Fri Aug 8 19:39:40 2014 (r269738) +++ projects/ipfw/sbin/ipfw/tables.c Fri Aug 8 21:09:22 2014 (r269739) @@ -67,7 +67,7 @@ static void table_fill_ntlv(ipfw_obj_ntl static int table_flush_one(ipfw_xtable_info *i, void *arg); static int table_show_one(ipfw_xtable_info *i, void *arg); -static int table_get_list(ipfw_xtable_info *i, ipfw_obj_header *oh); +static int table_do_get_list(ipfw_xtable_info *i, ipfw_obj_header **poh); static void table_show_list(ipfw_obj_header *oh, int need_header); static void table_show_entry(ipfw_xtable_info *i, ipfw_obj_tentry *tent); @@ -760,10 +760,7 @@ table_show_one(ipfw_xtable_info *i, void ipfw_obj_header *oh; int error; - if ((oh = calloc(1, i->size)) == NULL) - return (ENOMEM); - - if ((error = table_get_list(i, oh)) != 0) { + if ((error = table_do_get_list(i, &oh)) != 0) { err(EX_OSERR, "Error requesting table %s list", i->tablename); return (error); } @@ -1304,31 +1301,43 @@ tables_foreach(table_cb_t *f, void *arg, /* * Retrieves all entries for given table @i in - * eXtended format. Assumes buffer of size - * @i->size has already been allocated by caller. + * eXtended format. Allocate buffer large enough + * to store result. Called needs to free it later. * * Returns 0 on success. */ static int -table_get_list(ipfw_xtable_info *i, ipfw_obj_header *oh) +table_do_get_list(ipfw_xtable_info *i, ipfw_obj_header **poh) { + ipfw_obj_header *oh; size_t sz; int error, c; sz = 0; - for (c = 0; c < 3; c++) { - table_fill_objheader(oh, i); + oh = NULL; + error = 0; + for (c = 0; c < 8; c++) { if (sz < i->size) - sz = i->size; - + sz = i->size + 44; + if (oh != NULL) + free(oh); + if ((oh = calloc(1, sz)) == NULL) + continue; + table_fill_objheader(oh, i); oh->opheader.version = 1; /* Current version */ error = do_get3(IP_FW_TABLE_XLIST, &oh->opheader, &sz); + if (error == 0) { + *poh = oh; + return (0); + } + if (error != ENOMEM) - return (errno); + break; } + free(oh); - return (ENOMEM); + return (error); } /* Modified: projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c ============================================================================== --- projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c Fri Aug 8 19:39:40 2014 (r269738) +++ projects/ipfw/sys/netpfil/ipfw/ip_fw_table.c Fri Aug 8 21:09:22 2014 (r269739) @@ -1245,9 +1245,8 @@ ipfw_dump_table_v1(struct ip_fw_chain *c return (ESRCH); } export_table_info(ch, tc, i); - sz = tc->count; - if (sd->valsize < sz + tc->count * sizeof(ipfw_obj_tentry)) { + if (sd->valsize < i->size) { /* * Submitted buffer size is not enough. Modified: projects/ipfw/sys/netpfil/ipfw/ip_fw_table_algo.c ============================================================================== --- projects/ipfw/sys/netpfil/ipfw/ip_fw_table_algo.c Fri Aug 8 19:39:40 2014 (r269738) +++ projects/ipfw/sys/netpfil/ipfw/ip_fw_table_algo.c Fri Aug 8 21:09:22 2014 (r269739) @@ -342,7 +342,7 @@ tei_to_sockaddr_ent(struct tentry_info * { int mlen; struct sockaddr_in *addr, *mask; - struct sockaddr_in6 *addr6, *mask6; + struct sa_in6 *addr6, *mask6; in_addr_t a4; mlen = tei->masklen; @@ -367,8 +367,8 @@ tei_to_sockaddr_ent(struct tentry_info * #ifdef INET6 } else if (tei->subtype == AF_INET6) { /* IPv6 case */ - addr6 = (struct sockaddr_in6 *)sa; - mask6 = (struct sockaddr_in6 *)ma; + addr6 = (struct sa_in6 *)sa; + mask6 = (struct sa_in6 *)ma; /* Set 'total' structure length */ KEY_LEN(*addr6) = KEY_LEN_INET6; KEY_LEN(*mask6) = KEY_LEN_INET6;