src/conntrack/labels.c - manifest_repos/libnetfilter_conntrack - Git at Google

 #include <stdbool.h>
 #include <stdint.h>

 #include "internal/internal.h"

 #define MAX_BITS 1024

 #define CONNLABEL_CFG "/etc/xtables/connlabel.conf"
 #define HASH_SIZE 64

 struct labelmap_bucket {
 	char *name;
 	unsigned int bit;
 	struct labelmap_bucket *next;
 };

 struct nfct_labelmap {
 	struct labelmap_bucket *map_name[HASH_SIZE];
 	unsigned int namecount;
 	char **bit_to_name;
 };

 static struct labelmap_bucket* label_map_bucket_alloc(const char *n, unsigned int b)
 {
 	struct labelmap_bucket *bucket;
 	char *name = strdup(n);

 	if (!name)
 		return NULL;

 	bucket = malloc(sizeof(*bucket));
 	if (!bucket) {
 		free(name);
 		return NULL;
 	}
 	bucket->name = name;
 	bucket->bit = b;
 	return bucket;
 }

 static unsigned int hash_name(const char *name)
 {
 	unsigned int hash = 0;

 	while (*name) {
 		hash = (hash << 5) - hash + *name;
 		name++;
 	}
 	return hash & (HASH_SIZE - 1);
 }

 int __labelmap_get_bit(struct nfct_labelmap *m, const char *name)
 {
 	unsigned int i = hash_name(name);
 	struct labelmap_bucket *list = m->map_name[i];

 	while (list) {
 		if (strcmp(name, list->name) == 0)
 			return list->bit;
 		list = list->next;
 	}
 	return -1;
 }

 const char *__labelmap_get_name(struct nfct_labelmap *m, unsigned int bit)
 {
 	if (bit < m->namecount)
 		return m->bit_to_name[bit] ? m->bit_to_name[bit] : "";
 	return NULL;
 }

 static int map_insert(struct nfct_labelmap *m, const char *n, unsigned int b)
 {
 	unsigned int i = hash_name(n);
 	struct labelmap_bucket *list = m->map_name[i];

 	while (list) {
 		if (strcmp(list->name, n) == 0)
 			return -1;
 		list = list->next;
 	}

 	list = label_map_bucket_alloc(n, b);
 	if (!list)
 		return -1;

 	if (m->map_name[i])
 		list->next = m->map_name[i];
 	else
 		list->next = NULL;
 	m->map_name[i] = list;
 	return 0;
 }

 static int is_space_posix(int c)
 {
 	return c == ' ' || c == '\f' || c == '\r' || c == '\t' || c == '\v';
 }

 static char *trim_label(char *label)
 {
 	char *end;

 	while (is_space_posix(*label))
 		label++;
 	end = strchr(label, '\n');
 	if (end)
 		*end = 0;
 	else
 		end = strchr(label, '\0');
 	end--;

 	while (end > label && is_space_posix(*end)) {
 		*end = 0;
 		end--;
 	}

 	return *label ? label : NULL;
 }

 static int
 xtables_parse_connlabel_numerical(const char *s, char **end)
 {
 	unsigned long value;

 	value = strtoul(s, end, 0);
 	if (value == 0 && s == *end)
 		return -1;
 	if (value >= MAX_BITS)
 		return -1;
 	return value;
 }

 static void free_list(struct labelmap_bucket *b)
 {
 	struct labelmap_bucket *tmp;

 	while (b) {
 		free(b->name);

 		tmp = b;
 		b = b->next;

 		free(tmp);
 	}
 }

 void __labelmap_destroy(struct nfct_labelmap *map)
 {
 	unsigned int i;
 	struct labelmap_bucket *b;

 	for (i = 0; i < HASH_SIZE; i++) {
 		b = map->map_name[i];
 		free_list(b);
 	}

 	free(map->bit_to_name);
 	free(map);
 }

 static void make_name_table(struct nfct_labelmap *m)
 {
 	struct labelmap_bucket *b;
 	unsigned int i;

 	for (i = 0; i < HASH_SIZE; i++) {
 		b = m->map_name[i];
 		while (b) {
 			m->bit_to_name[b->bit] = b->name;
 			b = b->next;
 		}
 	}
 }

 static struct nfct_labelmap *map_alloc(void)
 {
 	struct nfct_labelmap *map = malloc(sizeof(*map));
 	if (map) {
 		unsigned int i;
 		for (i = 0; i < HASH_SIZE; i++)
 			map->map_name[i] = NULL;
 		map->bit_to_name = NULL;
 	}
 	return map;
 }

 /*
  * We will only accept alpha numerical labels; else
  * parses might choke on output when label named
  * "foo;<&bar" exists.  ASCII machines only.
  *
  * Avoids libc isalnum() etc. to avoid issues with locale
  * settings.
  */
 static bool label_is_sane(const char *label)
 {
 	for (;*label; label++) {
 		if (*label >= 'a' && *label <= 'z')
 			continue;
 		if (*label >= 'A' && *label <= 'Z')
 			continue;
 		if (*label >= '0' && *label <= '9')
 			continue;
 		if (*label == ' ' || *label == '-')
 			continue;
 		return false;
 	}
 	return true;
 }

 const char *__labels_get_path(void)
 {
 	return CONNLABEL_CFG;
 }

 struct nfct_labelmap *__labelmap_new(const char *name)
 {
 	struct nfct_labelmap *map;
 	char label[1024];
 	char *end;
 	FILE *fp;
 	int added = 0;
 	unsigned int maxbit = 0;
 	uint32_t bits_seen[MAX_BITS/32];

 	fp = fopen(name ? name : CONNLABEL_CFG, "re");
 	if (!fp)
 		return NULL;

 	memset(bits_seen, 0, sizeof(bits_seen));

 	map = map_alloc();
 	if (!map) {
 		fclose(fp);
 		return NULL;
 	}

 	while (fgets(label, sizeof(label), fp)) {
 		int bit;

 		if (label[0] == '#')
 			continue;

 		bit = xtables_parse_connlabel_numerical(label, &end);
 		if (bit < 0 || test_bit(bit, bits_seen))
 			continue;

 		end = trim_label(end);
 		if (!end)
 			continue;

 		if (label_is_sane(end) && map_insert(map, end, bit) == 0) {
 			added++;
 			if (maxbit < bit)
 				maxbit = bit;
 			set_bit(bit, bits_seen);
 		}
 	}

 	fclose(fp);

 	if (added) {
 		map->namecount = maxbit + 1;
 		map->bit_to_name = calloc(sizeof(char *), map->namecount);
 		if (!map->bit_to_name)
 			goto err;
 		make_name_table(map);
 		return map;
 	} else {
 		errno = 0;
 	}
  err:
 	__labelmap_destroy(map);
 	return NULL;
 }
	#include <stdbool.h>
	#include <stdint.h>

	#include "internal/internal.h"

	#define MAX_BITS 1024

	#define CONNLABEL_CFG "/etc/xtables/connlabel.conf"
	#define HASH_SIZE 64

	struct labelmap_bucket {
	char *name;
	unsigned int bit;
	struct labelmap_bucket *next;
	};

	struct nfct_labelmap {
	struct labelmap_bucket *map_name[HASH_SIZE];
	unsigned int namecount;
	char **bit_to_name;
	};

	static struct labelmap_bucket* label_map_bucket_alloc(const char *n, unsigned int b)
	{
	struct labelmap_bucket *bucket;
	char *name = strdup(n);

	if (!name)
	return NULL;

	bucket = malloc(sizeof(*bucket));
	if (!bucket) {
	free(name);
	return NULL;
	}
	bucket->name = name;
	bucket->bit = b;
	return bucket;
	}

	static unsigned int hash_name(const char *name)
	{
	unsigned int hash = 0;

	while (*name) {
	hash = (hash << 5) - hash + *name;
	name++;
	}
	return hash & (HASH_SIZE - 1);
	}

	int __labelmap_get_bit(struct nfct_labelmap m, const char name)
	{
	unsigned int i = hash_name(name);
	struct labelmap_bucket *list = m->map_name[i];

	while (list) {
	if (strcmp(name, list->name) == 0)
	return list->bit;
	list = list->next;
	}
	return -1;
	}

	const char __labelmap_get_name(struct nfct_labelmap m, unsigned int bit)
	{
	if (bit < m->namecount)
	return m->bit_to_name[bit] ? m->bit_to_name[bit] : "";
	return NULL;
	}

	static int map_insert(struct nfct_labelmap m, const char n, unsigned int b)
	{
	unsigned int i = hash_name(n);
	struct labelmap_bucket *list = m->map_name[i];

	while (list) {
	if (strcmp(list->name, n) == 0)
	return -1;
	list = list->next;
	}

	list = label_map_bucket_alloc(n, b);
	if (!list)
	return -1;

	if (m->map_name[i])
	list->next = m->map_name[i];
	else
	list->next = NULL;
	m->map_name[i] = list;
	return 0;
	}

	static int is_space_posix(int c)
	{
	return c == ' ' \|\| c == '\f' \|\| c == '\r' \|\| c == '\t' \|\| c == '\v';
	}

	static char trim_label(char label)
	{
	char *end;

	while (is_space_posix(*label))
	label++;
	end = strchr(label, '\n');
	if (end)
	*end = 0;
	else
	end = strchr(label, '\0');
	end--;

	while (end > label && is_space_posix(*end)) {
	*end = 0;
	end--;
	}

	return *label ? label : NULL;
	}

	static int
	xtables_parse_connlabel_numerical(const char s, char *end)
	{
	unsigned long value;

	value = strtoul(s, end, 0);
	if (value == 0 && s == *end)
	return -1;
	if (value >= MAX_BITS)
	return -1;
	return value;
	}

	static void free_list(struct labelmap_bucket *b)
	{
	struct labelmap_bucket *tmp;

	while (b) {
	free(b->name);

	tmp = b;
	b = b->next;

	free(tmp);
	}
	}

	void __labelmap_destroy(struct nfct_labelmap *map)
	{
	unsigned int i;
	struct labelmap_bucket *b;

	for (i = 0; i < HASH_SIZE; i++) {
	b = map->map_name[i];
	free_list(b);
	}

	free(map->bit_to_name);
	free(map);
	}

	static void make_name_table(struct nfct_labelmap *m)
	{
	struct labelmap_bucket *b;
	unsigned int i;

	for (i = 0; i < HASH_SIZE; i++) {
	b = m->map_name[i];
	while (b) {
	m->bit_to_name[b->bit] = b->name;
	b = b->next;
	}
	}
	}

	static struct nfct_labelmap *map_alloc(void)
	{
	struct nfct_labelmap map = malloc(sizeof(map));
	if (map) {
	unsigned int i;
	for (i = 0; i < HASH_SIZE; i++)
	map->map_name[i] = NULL;
	map->bit_to_name = NULL;
	}
	return map;
	}

	/*
	* We will only accept alpha numerical labels; else
	* parses might choke on output when label named
	* "foo;<&bar" exists. ASCII machines only.
	*
	* Avoids libc isalnum() etc. to avoid issues with locale
	* settings.
	*/
	static bool label_is_sane(const char *label)
	{
	for (;*label; label++) {
	if (label >= 'a' && label <= 'z')
	continue;
	if (label >= 'A' && label <= 'Z')
	continue;
	if (label >= '0' && label <= '9')
	continue;
	if (label == ' ' \|\| label == '-')
	continue;
	return false;
	}
	return true;
	}

	const char *__labels_get_path(void)
	{
	return CONNLABEL_CFG;
	}

	struct nfct_labelmap __labelmap_new(const char name)
	{
	struct nfct_labelmap *map;
	char label[1024];
	char *end;
	FILE *fp;
	int added = 0;
	unsigned int maxbit = 0;
	uint32_t bits_seen[MAX_BITS/32];

	fp = fopen(name ? name : CONNLABEL_CFG, "re");
	if (!fp)
	return NULL;

	memset(bits_seen, 0, sizeof(bits_seen));

	map = map_alloc();
	if (!map) {
	fclose(fp);
	return NULL;
	}

	while (fgets(label, sizeof(label), fp)) {
	int bit;

	if (label[0] == '#')
	continue;

	bit = xtables_parse_connlabel_numerical(label, &end);
	if (bit < 0 \|\| test_bit(bit, bits_seen))
	continue;

	end = trim_label(end);
	if (!end)
	continue;

	if (label_is_sane(end) && map_insert(map, end, bit) == 0) {
	added++;
	if (maxbit < bit)
	maxbit = bit;
	set_bit(bit, bits_seen);
	}
	}

	fclose(fp);

	if (added) {
	map->namecount = maxbit + 1;
	map->bit_to_name = calloc(sizeof(char *), map->namecount);
	if (!map->bit_to_name)
	goto err;
	make_name_table(map);
	return map;
	} else {
	errno = 0;
	}
	err:
	__labelmap_destroy(map);
	return NULL;
	}