From c61c9ba7ebf89ce75e92a3d68e169e3d31fc81ce Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 4 Dec 2012 18:10:19 -0800 Subject: [PATCH] Make expression evaluation more deterministic. Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Config.pm | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 0282e44be..512feb4c0 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -1943,10 +1943,16 @@ sub evaluate_expression( $$$ ) { $val = ( exists $variables{$var} ? $variables{$var} : exists $actparms{$var} ? ( $var ? $actparms{$var} : $actparms{0}->{name} ) : - exists $capdesc{$var} ? have_capability( $var ) : 0 ); - $val = 0 unless defined $val; - $val = "'$val'" unless $val =~ /^-?\d+$/; - $expression = join( '', $first, $val || 0, $rest ); + exists $capdesc{$var} ? have_capability( $var ) : '' ); + $val = '' unless defined $val; + + if ( $val eq '' ) { + $val = "''" unless $first =~ /['"]$/; + } else { + $val = "'$val'" unless $val =~ /^-?\d+$/; + } + + $expression = join( '', $first, $val, $rest ); cond_error( "Variable Expansion Loop" , $filename, $linenumber ) if ++$count > 100; } @@ -1967,12 +1973,13 @@ sub evaluate_expression( $$$ ) { cond_error "Unknown capability ($cap)", $filename, $linenumber; } - $expression = join( '', $first, $val || 0, $rest ); + $expression = join( '', $first, $val, $rest ); } $expression =~ s/^\s*(.+)\s*$/$1/; unless ( $expression =~ /^\d+$/ ) { + print "EXPR=> $expression\n" if $debug; # # Not a simple one-term expression -- compile it #