From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>
Cc: passt-dev@passt.top
Subject: Re: [PATCH v2 13/13] fwd_rule: Rewrite forward rule parsing using parse.c helpers
Date: Thu, 2 Jul 2026 10:59:34 +1000 [thread overview]
Message-ID: <akW39lnM4BWUUzEr@zatzit> (raw)
In-Reply-To: <20260702011159.0aed0531@elisabeth>
[-- Attachment #1: Type: text/plain, Size: 3084 bytes --]
On Thu, Jul 02, 2026 at 01:12:00AM +0200, Stefano Brivio wrote:
> On Wed, 1 Jul 2026 15:31:55 +1000
> David Gibson <david@gibson.dropbear.id.au> wrote:
>
> > +++ b/parse.c
> > @@ -18,6 +18,7 @@
> > #include <string.h>
> > #include <limits.h>
> > #include <arpa/inet.h>
> > +#include <net/if.h>
> >
> > #include "common.h"
> > #include "parse.h"
> > @@ -213,3 +214,31 @@ bool parse_inany_(const char **cursor, union inany_addr *addr,
> >
> > return false;
> > }
> > +
> > +/**
> > + * parse_ifspec() - Parse a interface name specifier (starting with %)
> > + * @ifname: On success updated with parsed name (must have IFNAMSIZ space)
> > + *
> > + * This will accept a missing specifier (empty string), setting ifname to ""
> > + */
> > +bool parse_ifspec(const char **cursor, char *ifname)
> > +{
> > + const char *p = *cursor;
> > + size_t len;
> > +
> > + if (!parse_literal(&p, "%")) {
> > + /* No interface specifier */
> > + ifname[0] = '\0';
> > + return true;
> > + }
> > +
> > + /* ifnames can have anything that's not '/', '.' or whitespace */
> > + len = strcspn(p, "/. \f\n\r\t\v");
>
> I was about to apply the series when I spotted this: '.' is definitely
> valid in interface names, and even commonly used (think of VLANs), it's
> just "." and ".." _as an interface name_ that are not supported.
Oh, right, I misuderstood. Should have looked at the kernel code
myself to confirm, oops.
> If we forbid any interface name with '.' we might very well break
> somebody's use case. I can fix this up with:
>
> /* ifnames can't contain /, :, or whitespace */
> len = strcspn(p, "/: \f\n\r\t\v");
> if (!len || len >= IFNAMSIZ)
> return false;
>
> /* ...and they can't be '..' or '.' either */
> if (!strcmp(p, ".") || !strcmp(p, ".."))
> return false;
>
> if you're fine with it
That won't quite work: the string doesn't end at the end of the
interface name. Plus, in my experience you get much better error
reporting if you generally try to lexically accept as *much* as
possible, then validate, rather than restricting the parser to only
accept the minimum it must.
I've added a validation of the parsed ifname up in fwd_rule_parse(),
instead. I'll post the new spin momentarily. .
>
> > + if (!len || len >= IFNAMSIZ)
> > + return false;
> > +
> > + memcpy(ifname, p, len);
> > + ifname[len] = '\0';
> > + *cursor = p + len;
> > + return true;
> > +}
> > diff --git a/parse.h b/parse.h
> > index ab1d5adb..257b9c58 100644
> > --- a/parse.h
> > +++ b/parse.h
> > @@ -32,4 +32,6 @@ bool parse_inany_(const char **cursor, union inany_addr *addr,
> >
> > #define parse_inany(cursor, addr) parse_inany_((cursor), (addr), NULL)
> >
> > +bool parse_ifspec(const char **cursor, char *ifname);
> > +
> > #endif /* _PARSE_H */
>
> --
> Stefano
>
--
David Gibson (he or they) | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you, not the other way
| around.
http://www.ozlabs.org/~dgibson
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2026-07-02 0:59 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-01 5:31 [PATCH v2 00/13] Rework option parsing in preparation for destination remapping David Gibson
2026-07-01 5:31 ` [PATCH v2 01/13] Makefile: Add missing PESTO_HEADERS variable David Gibson
2026-07-01 5:31 ` [PATCH v2 02/13] conf: Use parameter instead of global in conf_nat() David Gibson
2026-07-01 5:31 ` [PATCH v2 03/13] parse: Start splitting out parsing helpers David Gibson
2026-07-01 5:31 ` [PATCH v2 04/13] conf: Remove duplicate parsing of -F option David Gibson
2026-07-01 5:31 ` [PATCH v2 05/13] conf: Clean up conf_ip4_prefix() David Gibson
2026-07-01 5:31 ` [PATCH v2 06/13] parse: Add helper to parse unsigned integer values David Gibson
2026-07-01 5:31 ` [PATCH v2 07/13] parse: Move parse_port_range() to new parsing framework David Gibson
2026-07-01 5:31 ` [PATCH v2 08/13] parse: Add helpers for parsing IP addresses David Gibson
2026-07-01 5:31 ` [PATCH v2 09/13] conf: Move address configuration into helper function David Gibson
2026-07-01 5:31 ` [PATCH v2 10/13] conf: Remove unnecessary mode checks from conf_addr() David Gibson
2026-07-01 5:31 ` [PATCH v2 11/13] conf: Use new parsing tools to handle -a option David Gibson
2026-07-01 5:31 ` [PATCH v2 12/13] fwd_rule: Allow "all" port specs to be combined with other options David Gibson
2026-07-01 5:31 ` [PATCH v2 13/13] fwd_rule: Rewrite forward rule parsing using parse.c helpers David Gibson
2026-07-01 23:12 ` Stefano Brivio
2026-07-02 0:59 ` David Gibson [this message]
2026-07-01 23:12 ` [PATCH v2 00/13] Rework option parsing in preparation for destination remapping Stefano Brivio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=akW39lnM4BWUUzEr@zatzit \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).