DEFAULTS directive enforces max number of parameters

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-07-03 07:22:29 -07:00
parent 62c62441bb
commit d31e2d67ba
7 changed files with 24 additions and 9 deletions

View File

@ -1828,13 +1828,16 @@ sub pop_action_params( $ ) {
} }
sub default_action_params { sub default_action_params {
my $val; my $action = shift;
my ( $val, $i );
for ( my $i = 1; 1; $i++ ) { for ( $i = 1; 1; $i++ ) {
last unless defined ( $val = shift ); last unless defined ( $val = shift );
my $curval = $actparms[$i]; my $curval = $actparms[$i];
$actparms[$i] =$val eq '-' ? '' : $val eq '--' ? '-' : $val unless supplied( $curval ); $actparms[$i] =$val eq '-' ? '' : $val eq '--' ? '-' : $val unless supplied( $curval );
} }
fatal_error "Too Many arguments to action $action" if defined $actparms[$i];
} }
sub get_action_params( $ ) { sub get_action_params( $ ) {

View File

@ -1439,7 +1439,7 @@ sub process_action( $) {
} }
if ( $target eq 'DEFAULTS' ) { if ( $target eq 'DEFAULTS' ) {
default_action_params( split_list $source, 'defaults' ), next if $format == 2; default_action_params( $action, split_list $source, 'defaults' ), next if $format == 2;
fatal_error 'DEFAULTS only allowed in FORMAT-2 actions'; fatal_error 'DEFAULTS only allowed in FORMAT-2 actions';
} }

View File

@ -39,9 +39,7 @@ FORMAT 2
BEGIN PERL BEGIN PERL
use Shorewall::Config; use Shorewall::Config;
my ( $p1, $p2, $p3 , $p4, $p5, $p6 ) = get_action_params( 6 ); my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 );
fatal_error "Too many parameters to Drop" if defined $p6;
if ( defined $p1 ) { if ( defined $p1 ) {
if ( $p1 eq 'audit' ) { if ( $p1 eq 'audit' ) {

View File

@ -35,9 +35,7 @@ FORMAT 2
BEGIN PERL BEGIN PERL
use Shorewall::Config; use Shorewall::Config;
my ( $p1, $p2, $p3 , $p4, $p5, $p6 ) = get_action_params( 6 ); my ( $p1, $p2, $p3 , $p4, $p5 ) = get_action_params( 5 );
fatal_error "Too many parameters to Reject" if defined $p6;
if ( defined $p1 ) { if ( defined $p1 ) {
if ( $p1 eq 'audit' ) { if ( $p1 eq 'audit' ) {

View File

@ -4,6 +4,14 @@ Changes in Shorewall 4.4.21 Final
2) Make 'fallback' and 'balance' mutually exclusive. 2) Make 'fallback' and 'balance' mutually exclusive.
3) Generate error if too many parameters to a function with DEFAULT
4) Prepare for more parameterized actions
5) Fix parameter push/pop in process_action()
6) Add comment push/pop in process_action()
Changes in Shorewall 4.4.21 RC 1 Changes in Shorewall 4.4.21 RC 1
1) Fix empty parameter lists in _DEFAULT settings. 1) Fix empty parameter lists in _DEFAULT settings.

View File

@ -67,6 +67,10 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
is the default value for the second parameter and so on. To specify is the default value for the second parameter and so on. To specify
an empty default, use '-'. an empty default, use '-'.
The DEFAULTS directive also determines the maximum number of
parameters that an action may have. If more parameters are passed
than have default values, an error message is issued.
3) Parameterized macros may now specify a default parameter value 3) Parameterized macros may now specify a default parameter value
using the DEFAULT directive. using the DEFAULT directive.

View File

@ -386,6 +386,10 @@ REDIRECT net - tcp 80 - 1.2.3.4</programlisting>
first parameter, <replaceable>def2</replaceable> is the default value first parameter, <replaceable>def2</replaceable> is the default value
for the second parameter and so on. You can specify an empty default for the second parameter and so on. You can specify an empty default
using '-' (e.g. DEFAULTS DROP,-,audit).</para> using '-' (e.g. DEFAULTS DROP,-,audit).</para>
<para>The DEFAULTS directive also determines the maximum number of
parameters that an action may have. If more parameters are passed than
have default values, an error message is issued. </para>
</section> </section>
<section> <section>