[pve-devel] [PATCH firewall 1/2] forbid trailing commas in lists
Wolfgang Bumiller
w.bumiller at proxmox.com
Wed Mar 22 12:53:33 CET 2017
iptables-restore doesn't allow them
---
Another one of these annoying cases...
We really need to start testing with `iptables-restore -t` and flag
broken rules somehow...
src/PVE/Firewall.pm | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index c7d90f8..0535d78 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -976,7 +976,9 @@ sub parse_address_list {
my $iprange = 0;
my $ipversion;
- foreach my $elem (split(/,/, $str)) {
+ my @elements = split(/,/, $str);
+ die "extraneous commas in list\n" if $str ne join(',', @elements);
+ foreach my $elem (@elements) {
$count++;
my $ip = Net::IP->new($elem);
if (!$ip) {
@@ -1005,7 +1007,9 @@ sub parse_port_name_number_or_range {
my $count = 0;
my $icmp_port = 0;
- foreach my $item (split(/,/, $str)) {
+ my @elements = split(/,/, $str);
+ die "extraneous commas in list\n" if $str ne join(',', @elements);
+ foreach my $item (@elements) {
$count++;
if ($item =~ m/^(\d+):(\d+)$/) {
my ($port1, $port2) = ($1, $2);
--
2.1.4
More information about the pve-devel
mailing list