extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-16 03:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Relocate purge_jumps() and change the loop exit condition to be a bit safer.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-04-09 13:51:44 -07:00
parent 14477d61fe
commit 1de304bfd9
1 changed files with 30 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -593,32 +593,6 @@ sub add_reference ( $$ ) {
$toref->{references}{$fromref->{name}}++; $toref->{references}{$fromref->{name}}++;
} }
#
# Purge jumps previously added via add_jump. If the target chain is empty, reset its
# referenced flag
#
sub purge_jumps ( $$ ) {
my ( $fromref, $toref ) = @_;
my $to = $toref->{name};
my $last = 0;
my $rule;
for ( $rule = 0; $rule <= $#{$fromref->{rules}}; $rule++ ) {
if ( $fromref->{rules}[$rule] =~ / -[gj] ${to}\b/ ) {
trace( $fromref, 'D', $rule + 1, $_ ) if $debug;
splice( @{$fromref->{rules}}, $rule, 1 );
$rule--;
}
}
delete $toref->{references}{$fromref->{name}};
unless ( @{$toref->{rules}} ) {
$toref->{referenced} = 0;
trace ( $toref, 'X', undef, '' ) if $debug;
}
}
# #
# Insert a rule into a chain. Arguments are: # Insert a rule into a chain. Arguments are:
# #
@ -659,7 +633,6 @@ sub insert_rule($$$) {
# optional 5th argument causes long port lists to be split. The optional 6th # optional 5th argument causes long port lists to be split. The optional 6th
# argument, if passed, gives the 0-relative index where the jump is to be inserted. # argument, if passed, gives the 0-relative index where the jump is to be inserted.
# #
sub add_jump( $$$;$$$ ) { sub add_jump( $$$;$$$ ) {
my ( $fromref, $to, $goto_ok, $predicate, $expandports, $index ) = @_; my ( $fromref, $to, $goto_ok, $predicate, $expandports, $index ) = @_;
@ -694,6 +667,36 @@ sub add_jump( $$$;$$$ ) {
} }
} }
#
# Purge jumps previously added via add_jump. If the target chain is empty, reset its
# referenced flag
#
sub purge_jumps ( $$ ) {
my ( $fromref, $toref ) = @_;
my $to = $toref->{name};
my $last = 0;
my $rule;
#
# A C-style for loop seems to work best here, given that we are
# deleting elements from the array over which we are iterating.
#
for ( $rule = 0; $rule <= $#{$fromref->{rules}}; $rule++ ) {
if ( $fromref->{rules}[$rule] =~ / -[gj] ${to}\b/ ) {
trace( $fromref, 'D', $rule + 1, $_ ) if $debug;
splice( @{$fromref->{rules}}, $rule, 1 );
last unless --$toref->{references}{$fromref->{name}} > 0;
$rule--;
}
}
delete $toref->{references}{$fromref->{name}};
unless ( @{$toref->{rules}} ) {
$toref->{referenced} = 0;
trace ( $toref, 'X', undef, '' ) if $debug;
}
}
# #
# Insert a tunnel rule into the passed chain. Tunnel rules are inserted sequentially # Insert a tunnel rule into the passed chain. Tunnel rules are inserted sequentially
# at the beginning of the 'NEW' section. # at the beginning of the 'NEW' section.