summaryrefslogtreecommitdiff
path: root/sbin/pfctl
diff options
context:
space:
mode:
Diffstat (limited to 'sbin/pfctl')
-rw-r--r--sbin/pfctl/parse.y121
1 files changed, 63 insertions, 58 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 161ee0cc803..b8ac8dd3b52 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.199 2002/11/23 05:22:24 mcbride Exp $ */
+/* $OpenBSD: parse.y,v 1.200 2002/11/23 09:15:25 mcbride Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -556,9 +556,9 @@ qassign_list : qassign_item { $$ = $1; }
;
qassign_item : STRING {
- $$ = malloc(sizeof(struct node_queue));
+ $$ = calloc(1, sizeof(struct node_queue));
if ($$ == NULL)
- err(1, "queue_item: malloc");
+ err(1, "queue_item: calloc");
strlcpy($$->queue, $1, PF_QNAME_SIZE);
$$->next = NULL;
$$->tail = $$;
@@ -900,9 +900,9 @@ if_item : STRING {
yyerror("unknown interface %s", $1);
YYERROR;
}
- $$ = malloc(sizeof(struct node_if));
+ $$ = calloc(1, sizeof(struct node_if));
if ($$ == NULL)
- err(1, "if_item: malloc");
+ err(1, "if_item: calloc");
strlcpy($$->ifname, $1, IFNAMSIZ);
$$->ifa_flags = n->ifa_flags;
$$->not = 0;
@@ -952,9 +952,9 @@ proto_item : STRING {
yyerror("proto 0 cannot be used");
YYERROR;
}
- $$ = malloc(sizeof(struct node_proto));
+ $$ = calloc(1, sizeof(struct node_proto));
if ($$ == NULL)
- err(1, "proto_item: malloc");
+ err(1, "proto_item: calloc");
$$->proto = pr;
$$->next = NULL;
$$->tail = $$;
@@ -1055,9 +1055,9 @@ port_list : port_item { $$ = $1; }
;
port_item : port {
- $$ = malloc(sizeof(struct node_port));
+ $$ = calloc(1, sizeof(struct node_port));
if ($$ == NULL)
- err(1, "port_item: malloc");
+ err(1, "port_item: calloc");
$$->port[0] = $1;
$$->port[1] = $1;
$$->op = PF_OP_EQ;
@@ -1065,9 +1065,9 @@ port_item : port {
$$->tail = $$;
}
| PORTUNARY port {
- $$ = malloc(sizeof(struct node_port));
+ $$ = calloc(1, sizeof(struct node_port));
if ($$ == NULL)
- err(1, "port_item: malloc");
+ err(1, "port_item: calloc");
$$->port[0] = $2;
$$->port[1] = $2;
$$->op = $1;
@@ -1075,9 +1075,9 @@ port_item : port {
$$->tail = $$;
}
| port PORTBINARY port {
- $$ = malloc(sizeof(struct node_port));
+ $$ = calloc(1, sizeof(struct node_port));
if ($$ == NULL)
- err(1, "port_item: malloc");
+ err(1, "port_item: calloc");
$$->port[0] = $1;
$$->port[1] = $3;
$$->op = $2;
@@ -1123,9 +1123,9 @@ uid_list : uid_item { $$ = $1; }
;
uid_item : uid {
- $$ = malloc(sizeof(struct node_uid));
+ $$ = calloc(1, sizeof(struct node_uid));
if ($$ == NULL)
- err(1, "uid_item: malloc");
+ err(1, "uid_item: calloc");
$$->uid[0] = $1;
$$->uid[1] = $1;
$$->op = PF_OP_EQ;
@@ -1137,9 +1137,9 @@ uid_item : uid {
yyerror("user unknown requires operator = or !=");
YYERROR;
}
- $$ = malloc(sizeof(struct node_uid));
+ $$ = calloc(1, sizeof(struct node_uid));
if ($$ == NULL)
- err(1, "uid_item: malloc");
+ err(1, "uid_item: calloc");
$$->uid[0] = $2;
$$->uid[1] = $2;
$$->op = $1;
@@ -1151,9 +1151,9 @@ uid_item : uid {
yyerror("user unknown requires operator = or !=");
YYERROR;
}
- $$ = malloc(sizeof(struct node_uid));
+ $$ = calloc(1, sizeof(struct node_uid));
if ($$ == NULL)
- err(1, "uid_item: malloc");
+ err(1, "uid_item: calloc");
$$->uid[0] = $1;
$$->uid[1] = $3;
$$->op = $2;
@@ -1201,9 +1201,9 @@ gid_list : gid_item { $$ = $1; }
;
gid_item : gid {
- $$ = malloc(sizeof(struct node_gid));
+ $$ = calloc(1, sizeof(struct node_gid));
if ($$ == NULL)
- err(1, "gid_item: malloc");
+ err(1, "gid_item: calloc");
$$->gid[0] = $1;
$$->gid[1] = $1;
$$->op = PF_OP_EQ;
@@ -1215,9 +1215,9 @@ gid_item : gid {
yyerror("group unknown requires operator = or !=");
YYERROR;
}
- $$ = malloc(sizeof(struct node_gid));
+ $$ = calloc(1, sizeof(struct node_gid));
if ($$ == NULL)
- err(1, "gid_item: malloc");
+ err(1, "gid_item: calloc");
$$->gid[0] = $2;
$$->gid[1] = $2;
$$->op = $1;
@@ -1229,9 +1229,9 @@ gid_item : gid {
yyerror("group unknown requires operator = or !=");
YYERROR;
}
- $$ = malloc(sizeof(struct node_gid));
+ $$ = calloc(1, sizeof(struct node_gid));
if ($$ == NULL)
- err(1, "gid_item: malloc");
+ err(1, "gid_item: calloc");
$$->gid[0] = $1;
$$->gid[1] = $3;
$$->op = $2;
@@ -1305,9 +1305,9 @@ icmp6_list : icmp6_item { $$ = $1; }
;
icmp_item : icmptype {
- $$ = malloc(sizeof(struct node_icmp));
+ $$ = calloc(1, sizeof(struct node_icmp));
if ($$ == NULL)
- err(1, "icmp_item: malloc");
+ err(1, "icmp_item: calloc");
$$->type = $1;
$$->code = 0;
$$->proto = IPPROTO_ICMP;
@@ -1331,9 +1331,9 @@ icmp_item : icmptype {
}
ulval = p->code;
}
- $$ = malloc(sizeof(struct node_icmp));
+ $$ = calloc(1, sizeof(struct node_icmp));
if ($$ == NULL)
- err(1, "icmp_item: malloc");
+ err(1, "icmp_item: calloc");
$$->type = $1;
$$->code = ulval + 1;
$$->proto = IPPROTO_ICMP;
@@ -1343,9 +1343,9 @@ icmp_item : icmptype {
;
icmp6_item : icmp6type {
- $$ = malloc(sizeof(struct node_icmp));
+ $$ = calloc(1, sizeof(struct node_icmp));
if ($$ == NULL)
- err(1, "icmp_item: malloc");
+ err(1, "icmp_item: calloc");
$$->type = $1;
$$->code = 0;
$$->proto = IPPROTO_ICMPV6;
@@ -1369,9 +1369,9 @@ icmp6_item : icmp6type {
}
ulval = p->code;
}
- $$ = malloc(sizeof(struct node_icmp));
+ $$ = calloc(1, sizeof(struct node_icmp));
if ($$ == NULL)
- err(1, "icmp_item: malloc");
+ err(1, "icmp_item: calloc");
$$->type = $1;
$$->code = ulval + 1;
$$->proto = IPPROTO_ICMPV6;
@@ -1586,16 +1586,16 @@ redir_host_list : host { $$ = $1; }
redirpool : /* empty */ { $$ = NULL; }
| ARROW redirspec {
- $$ = malloc(sizeof(struct redirection));
+ $$ = calloc(1, sizeof(struct redirection));
if ($$ == NULL)
- err(1, "redirection: malloc");
+ err(1, "redirection: calloc");
$$->host = $2;
$$->rport.a = $$->rport.b = $$->rport.t = 0;
}
| ARROW redirspec PORT rport {
- $$ = malloc(sizeof(struct redirection));
+ $$ = calloc(1, sizeof(struct redirection));
if ($$ == NULL)
- err(1, "redirection: malloc");
+ err(1, "redirection: calloc");
$$->host = $2;
$$->rport = $4;
}
@@ -1607,9 +1607,9 @@ pooltype : /* empty */ { $$.type = PF_POOL_NONE; }
| SOURCEHASH { $$.type = PF_POOL_SRCHASH; }
| SOURCEHASH RANDOM
{
- $$.key = malloc(sizeof(struct pf_poolhashkey));
+ $$.key = calloc(1, sizeof(struct pf_poolhashkey));
if ($$.key == NULL)
- err(1, "pooltype: malloc");
+ err(1, "pooltype: calloc");
$$.type = PF_POOL_SRCKEYHASH;
$$.key->key32[0] = arc4random();
$$.key->key32[1] = arc4random();
@@ -1620,9 +1620,9 @@ pooltype : /* empty */ { $$.type = PF_POOL_NONE; }
{
MD5_CTX context;
- $$.key = malloc(sizeof(struct pf_poolhashkey));
+ $$.key = calloc(1, sizeof(struct pf_poolhashkey));
if ($$.key == NULL)
- err(1, "pooltype: malloc");
+ err(1, "pooltype: calloc");
$$.type = PF_POOL_SRCKEYHASH;
MD5Init(&context);
MD5Update(&context, $3, strlen($3));
@@ -1637,16 +1637,16 @@ staticport : /* empty */ { $$ = 0; }
redirection : /* empty */ { $$ = NULL; }
| ARROW host {
- $$ = malloc(sizeof(struct redirection));
+ $$ = calloc(1, sizeof(struct redirection));
if ($$ == NULL)
- err(1, "redirection: malloc");
+ err(1, "redirection: calloc");
$$->host = $2;
$$->rport.a = $$->rport.b = $$->rport.t = 0;
}
| ARROW host PORT rport {
- $$ = malloc(sizeof(struct redirection));
+ $$ = calloc(1, sizeof(struct redirection));
if ($$ == NULL)
- err(1, "redirection: malloc");
+ err(1, "redirection: calloc");
$$->host = $2;
$$->rport = $4;
}
@@ -1988,8 +1988,11 @@ dport : /* empty */ {
}
;
-route_host : '(' STRING ')' {
- if (($$->ifname = strdup($2)) == NULL) {
+route_host : STRING {
+ $$ = calloc(1, sizeof(struct node_host));
+ if ($$ == NULL)
+ err(1, "route_host: calloc");
+ if (($$->ifname = strdup($1)) == NULL) {
yyerror("routeto: strdup");
YYERROR;
}
@@ -1998,6 +2001,8 @@ route_host : '(' STRING ')' {
$$->ifname);
YYERROR;
}
+ $$->next = NULL;
+ $$->tail = $$;
}
| '(' STRING host ')' {
$$ = $3;
@@ -2532,7 +2537,7 @@ expand_altq(struct pf_altq *a, struct node_if *interfaces,
LOOP_THROUGH(struct node_queue, queue, nqueues,
n = calloc(1, sizeof(struct node_queue));
if (n == NULL)
- err(1, "expand_altq: malloc");
+ err(1, "expand_altq: calloc");
strlcpy(n->parent, qname, PF_QNAME_SIZE);
strlcpy(n->queue, queue->queue, PF_QNAME_SIZE);
strlcpy(n->ifname, interface->ifname, IFNAMSIZ);
@@ -2562,9 +2567,9 @@ expand_queue(struct pf_altq *a, struct node_queue *nqueues,
if (!strncmp(a->qname, tqueue->queue, PF_QNAME_SIZE)) {
/* found ourselve in queues */
LOOP_THROUGH(struct node_queue, queue, nqueues,
- n = malloc(sizeof(struct node_queue));
+ n = calloc(1, sizeof(struct node_queue));
if (n == NULL)
- err(1, "expand_queue: malloc");
+ err(1, "expand_queue: calloc");
strlcpy(n->parent, a->qname, PF_QNAME_SIZE);
strlcpy(n->queue, queue->queue, PF_QNAME_SIZE);
strlcpy(n->ifname, tqueue->ifname, IFNAMSIZ);
@@ -2706,9 +2711,9 @@ expand_rule(struct pf_rule *r,
TAILQ_INIT(&r->rt_pool.list);
for (h = rt_pool_hosts; h; h = h->next) {
- pa = malloc(sizeof(struct pf_pooladdr));
+ pa = calloc(1, sizeof(struct pf_pooladdr));
if (pa == NULL) {
- yyerror("malloc");
+ yyerror("calloc");
error++;
}
pa->addr = h->addr;
@@ -2806,9 +2811,9 @@ expand_nat(struct pf_nat *n,
TAILQ_INIT(&n->rpool.list);
for (h = rpool_hosts; h; h = h->next) {
- pa = malloc(sizeof(struct pf_pooladdr));
+ pa = calloc(1, sizeof(struct pf_pooladdr));
if (pa == NULL) {
- yyerror("malloc");
+ yyerror("calloc");
error++;
}
pa->addr = h->addr;
@@ -2818,9 +2823,9 @@ expand_nat(struct pf_nat *n,
TAILQ_INIT(&n->rpool.list);
for (h = rpool_hosts; h; h = h->next) {
- pa = malloc(sizeof(struct pf_pooladdr));
+ pa = calloc(1, sizeof(struct pf_pooladdr));
if (pa == NULL) {
- yyerror("malloc");
+ yyerror("calloc");
error++;
}
pa->addr = h->addr;
@@ -2897,9 +2902,9 @@ expand_rdr(struct pf_rdr *r, struct node_if *interfaces,
TAILQ_INIT(&r->rpool.list);
for (h = rpool_hosts; h; h = h->next) {
- pa = malloc(sizeof(struct pf_pooladdr));
+ pa = calloc(1, sizeof(struct pf_pooladdr));
if (pa == NULL) {
- yyerror("malloc");
+ yyerror("calloc");
error++;
}
pa->addr = h->addr;