On Mon, Sep 30, 2019 at 06:30:53PM +0200, Pablo Neira Ayuso wrote:
> On Wed, Sep 25, 2019 at 11:25:58PM +0200, Phil Sutter wrote:
> > This is a requirement for outsourcing line parsing code into a dedicated
> > function.
> > 
> > Signed-off-by: Phil Sutter <phil@nwl.cc>
> > ---
> >  iptables/nft-shared.h      |  1 +
> >  iptables/xtables-restore.c | 17 ++++++++---------
> >  2 files changed, 9 insertions(+), 9 deletions(-)
> > 
> > diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
> > index 9d62913461fa4..facad6d02a7ec 100644
> > --- a/iptables/nft-shared.h
> > +++ b/iptables/nft-shared.h
> > @@ -237,6 +237,7 @@ struct nft_xt_restore_parse {
> >  	int		testing;
> >  	const char	*tablename;
> >  	bool		commit;
> > +	bool		in_table;
> 
> I don't think this belong here.
> 
> If you want to add a structure, then add something like:
> 
> struct nft_xt_parse_ctx {
>         char    buffer[10240];
>         char    *curtable;
>         int     in_table;
> };
> 
> to store all the internal context, not mix things like internal
> parsing context with the object that describes the parser
> configuration.

Attaching a patch to constify nft_xt_restore_parse.