odd condition/test in PF lexer

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

odd condition/test in PF lexer

Alexandr Nedvedicky
Hello,

a static analyzer we use for Oracle Solaris recently discovered odd
if () test/condition in yylex() here sbin/pfctl/parse.y:

    5279         } else if (c == '\\') {
    5280                 if ((next = lgetc(quotec)) == EOF)
    5281                         return (0);
    5282                 if (next == quotec || c == ' ' || c == '\t')
    5283                         c = next;
    5284                 else if (next == '\n') {
    5285                         file->lineno++;
    5286                         continue;
    5287                 } else
    5288                         lungetc(next);

The analyzer thinks the condition at line 5282 should be changed to

    5282                 if (next == quotec)

because earlier line at 5279 grants the variable c holds backslash,
therefore it can't contain space or tab. The simple change is tempting,
but let's check the history first. That particular line has been
introduced 10+ years ago with commit message as follows:

    in the lex... even inside quotes, a \ followed by space or tab should
    expand to space or tab, and a \ followed by newline should be ignored
    (as a line continuation).  compatible with the needs of hoststated
    (which has the most strict quoted string requirements), and ifstated
    (where one commonly does line continuations in strings).

Comment above makes me thinking the intended change looks as follows:

    5282                 if (next == quotec || next == ' ' || next == '\t')

Patch below fixes all yylex() functions I could find using simple

    find ./ -name "parse.y"

OK?

thanks and
regards
sashan

--------8<---------------8<---------------8<------------------8<--------
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y
index 112049cdc6a..e3bb32d838e 100644
--- a/sbin/iked/parse.y
+++ b/sbin/iked/parse.y
@@ -1385,7 +1385,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y
index 4b8f84704cc..cb1cb0a488b 100644
--- a/sbin/ipsecctl/parse.y
+++ b/sbin/ipsecctl/parse.y
@@ -1182,7 +1182,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 0791c9c01d7..69fddacd214 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -5279,7 +5279,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/acme-client/parse.y b/usr.sbin/acme-client/parse.y
index bcc8325506a..feffaaee7a0 100644
--- a/usr.sbin/acme-client/parse.y
+++ b/usr.sbin/acme-client/parse.y
@@ -604,7 +604,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return 0;
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index 9e2359f31a3..4d9ccc944eb 100644
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -3106,7 +3106,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/dvmrpd/parse.y b/usr.sbin/dvmrpd/parse.y
index 65966206072..093566222b1 100644
--- a/usr.sbin/dvmrpd/parse.y
+++ b/usr.sbin/dvmrpd/parse.y
@@ -570,7 +570,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/eigrpd/parse.y b/usr.sbin/eigrpd/parse.y
index 1bb69f092c5..07316954ce1 100644
--- a/usr.sbin/eigrpd/parse.y
+++ b/usr.sbin/eigrpd/parse.y
@@ -819,7 +819,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/hostapd/parse.y b/usr.sbin/hostapd/parse.y
index b2736493ece..7bf8f9d40c1 100644
--- a/usr.sbin/hostapd/parse.y
+++ b/usr.sbin/hostapd/parse.y
@@ -1507,7 +1507,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/httpd/parse.y b/usr.sbin/httpd/parse.y
index 4851182f5cd..72410d5ef0e 100644
--- a/usr.sbin/httpd/parse.y
+++ b/usr.sbin/httpd/parse.y
@@ -1488,7 +1488,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ifstated/parse.y b/usr.sbin/ifstated/parse.y
index 11577a6ca11..8540a46daa8 100644
--- a/usr.sbin/ifstated/parse.y
+++ b/usr.sbin/ifstated/parse.y
@@ -564,7 +564,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/iscsictl/parse.y b/usr.sbin/iscsictl/parse.y
index e86657fa633..b646b55487d 100644
--- a/usr.sbin/iscsictl/parse.y
+++ b/usr.sbin/iscsictl/parse.y
@@ -554,7 +554,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ldapd/parse.y b/usr.sbin/ldapd/parse.y
index e33fea03a39..f8932145833 100644
--- a/usr.sbin/ldapd/parse.y
+++ b/usr.sbin/ldapd/parse.y
@@ -649,7 +649,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ldomctl/parse.y b/usr.sbin/ldomctl/parse.y
index 359ff9a9e81..4d12d61fb8a 100644
--- a/usr.sbin/ldomctl/parse.y
+++ b/usr.sbin/ldomctl/parse.y
@@ -400,7 +400,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ldpd/parse.y b/usr.sbin/ldpd/parse.y
index 5197bb0c368..8df22bd11cb 100644
--- a/usr.sbin/ldpd/parse.y
+++ b/usr.sbin/ldpd/parse.y
@@ -1042,7 +1042,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/lpd/parse.y b/usr.sbin/lpd/parse.y
index 324076cb4d3..aae2aec9735 100644
--- a/usr.sbin/lpd/parse.y
+++ b/usr.sbin/lpd/parse.y
@@ -424,7 +424,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/npppd/npppd/parse.y b/usr.sbin/npppd/npppd/parse.y
index ca620782175..4d8fd78b2f9 100644
--- a/usr.sbin/npppd/npppd/parse.y
+++ b/usr.sbin/npppd/npppd/parse.y
@@ -1231,7 +1231,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ntpd/parse.y b/usr.sbin/ntpd/parse.y
index e30926b303e..a7127b4dc06 100644
--- a/usr.sbin/ntpd/parse.y
+++ b/usr.sbin/ntpd/parse.y
@@ -635,7 +635,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ospf6d/parse.y b/usr.sbin/ospf6d/parse.y
index 6b5ff9591a3..4ead71a441f 100644
--- a/usr.sbin/ospf6d/parse.y
+++ b/usr.sbin/ospf6d/parse.y
@@ -815,7 +815,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ospfd/parse.y b/usr.sbin/ospfd/parse.y
index 439ce8c831b..e8b291fc6d9 100644
--- a/usr.sbin/ospfd/parse.y
+++ b/usr.sbin/ospfd/parse.y
@@ -1009,7 +1009,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/rad/parse.y b/usr.sbin/rad/parse.y
index 8aedd2a499c..83ff6bdd799 100644
--- a/usr.sbin/rad/parse.y
+++ b/usr.sbin/rad/parse.y
@@ -626,7 +626,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/radiusd/parse.y b/usr.sbin/radiusd/parse.y
index 0b4a9b99368..e6895917365 100644
--- a/usr.sbin/radiusd/parse.y
+++ b/usr.sbin/radiusd/parse.y
@@ -563,7 +563,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/relayd/parse.y b/usr.sbin/relayd/parse.y
index c3fa2aef4dd..c0284855592 100644
--- a/usr.sbin/relayd/parse.y
+++ b/usr.sbin/relayd/parse.y
@@ -2519,7 +2519,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ripd/parse.y b/usr.sbin/ripd/parse.y
index be6e1ede45c..bc78ff4d47e 100644
--- a/usr.sbin/ripd/parse.y
+++ b/usr.sbin/ripd/parse.y
@@ -595,7 +595,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
index c3177e3f058..fa00f6dc7a8 100644
--- a/usr.sbin/smtpd/parse.y
+++ b/usr.sbin/smtpd/parse.y
@@ -1852,7 +1852,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/snmpd/parse.y b/usr.sbin/snmpd/parse.y
index f9a878b7828..f50c5dfd529 100644
--- a/usr.sbin/snmpd/parse.y
+++ b/usr.sbin/snmpd/parse.y
@@ -835,7 +835,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/switchd/parse.y b/usr.sbin/switchd/parse.y
index 191e720e3a7..dc95947cc89 100644
--- a/usr.sbin/switchd/parse.y
+++ b/usr.sbin/switchd/parse.y
@@ -475,7 +475,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/vmd/parse.y b/usr.sbin/vmd/parse.y
index 545c7679049..73e4e353f62 100644
--- a/usr.sbin/vmd/parse.y
+++ b/usr.sbin/vmd/parse.y
@@ -942,7 +942,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ypldap/parse.y b/usr.sbin/ypldap/parse.y
index 6048a3586c9..a6d647021bf 100644
--- a/usr.sbin/ypldap/parse.y
+++ b/usr.sbin/ypldap/parse.y
@@ -663,7 +663,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;

Reply | Threaded
Open this post in threaded view
|

Re: odd condition/test in PF lexer

Todd C. Miller-2
On Fri, 05 Oct 2018 00:37:33 +0200, Alexandr Nedvedicky wrote:

> because earlier line at 5279 grants the variable c holds backslash,
> therefore it can't contain space or tab. The simple change is tempting,
> but let's check the history first. That particular line has been
> introduced 10+ years ago with commit message as follows:
>
>     in the lex... even inside quotes, a \ followed by space or tab should
>     expand to space or tab, and a \ followed by newline should be ignored
>     (as a line continuation).  compatible with the needs of hoststated
>     (which has the most strict quoted string requirements), and ifstated
>     (where one commonly does line continuations in strings).
>
> Comment above makes me thinking the intended change looks as follows:
>
>     5282                 if (next == quotec || next == ' ' || next == '\t')

I agree with your analysis.  Thank you for taking the time to
determine the author's intent instead of blindly trusting the static
analyzer.

 - todd

Reply | Threaded
Open this post in threaded view
|

Re: odd condition/test in PF lexer

Theo de Raadt-2
Todd C. Miller <[hidden email]> wrote:

> On Fri, 05 Oct 2018 00:37:33 +0200, Alexandr Nedvedicky wrote:
>
> > because earlier line at 5279 grants the variable c holds backslash,
> > therefore it can't contain space or tab. The simple change is tempting,
> > but let's check the history first. That particular line has been
> > introduced 10+ years ago with commit message as follows:
> >
> >     in the lex... even inside quotes, a \ followed by space or tab should
> >     expand to space or tab, and a \ followed by newline should be ignored
> >     (as a line continuation).  compatible with the needs of hoststated
> >     (which has the most strict quoted string requirements), and ifstated
> >     (where one commonly does line continuations in strings).
> >
> > Comment above makes me thinking the intended change looks as follows:
> >
> >     5282                 if (next == quotec || next == ' ' || next == '\t')
>
> I agree with your analysis.  Thank you for taking the time to
> determine the author's intent instead of blindly trusting the static
> analyzer.

It looks obviously correct.

Still, since we are in the release window, I would like to know what the
regression tests think of this.

It took so long for someone to hit this lex error, so it probably should
be punted post-release regardless.

Reply | Threaded
Open this post in threaded view
|

Re: odd condition/test in PF lexer

Alexandr Nedvedicky
Hello,

I think time has come to ask for OKs.

The updated patch is below. The issue has been found within
PF's parse.y here:

    5279         } else if (c == '\\') {
    5280                 if ((next = lgetc(quotec)) == EOF)
    5281                         return (0);
    5282                 if (next == quotec || c == ' ' || c == '\t')
    5283                         c = next;
    5284                 else if (next == '\n') {
    5285                         file->lineno++;
    5286                         continue;
    5287                 } else

the if() condition at line 5282 does not make sense as it is
granted by earlier line 5279 the `c` variable holds backslash
only.

Patch below fixes change from 2007 so yylex function will
behave according to original commit message:

    in the lex... even inside quotes, a \ followed by space or tab should
    expand to space or tab, and a \ followed by newline should be ignored
    (as a line continuation).  compatible with the needs of hoststated
    (which has the most strict quoted string requirements), and ifstated
    (where one commonly does line continuations in strings).

The patch below updates all yylex() functions I could find:
    acme-client
    bgpd
    dvmrpd
    eigrpd
    hostapd
    httpd
    ifstated
    iked
    ipsecctl
    iscsictl
    ldapd
    ldomctl
    ldpd
    lpd
    npppd
    ntpd
    ospf6d
    ospfd
    pfctl
    rad
    radiusd
    relayd
    ripd
    smtpd
    snmpd
    switchd
    vmd
    ypldap

I did run regression tests as follows:
    ./regress/sbin/ipsecctl
    ./regress/sbin/pfctl
    ./regress/usr.sbin/bgpd
    ./regress/usr.sbin/httpd
    ./regress/usr.sbin/ifstated
    ./regress/usr.sbin/ldapd
    ./regress/usr.sbin/ospfd
    ./regress/usr.sbin/relayd
    ./regress/usr.sbin/snmpd
    ./regress/usr.sbin/switchd
    ./regress/usr.sbin/vmd

I could not run tests for acme-client. No issues were
found in my change.

The changed behavior of yylex() function will be shown
on pfctl.

Let pfctl load a ruleset as follows:

    anchor "remo\ve\ backslash\     before\ space or tab" {
            pass
    }

Displaying the rules (doing 'pfctl -sr') loaded by current pfctl we get
output as follows:

    anchor "remo\ve\ backslash\     before\ space or tab" all

Once the same rules get loaded by fixed pfctl the output
changes to:

    anchor "remo\ve backslash       before space or tab" all

thanks and
regards
sashan

--------8<---------------8<---------------8<------------------8<--------
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y
index 112049cdc6a..e3bb32d838e 100644
--- a/sbin/iked/parse.y
+++ b/sbin/iked/parse.y
@@ -1385,7 +1385,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y
index 4b8f84704cc..cb1cb0a488b 100644
--- a/sbin/ipsecctl/parse.y
+++ b/sbin/ipsecctl/parse.y
@@ -1182,7 +1182,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 0791c9c01d7..69fddacd214 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -5279,7 +5279,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/acme-client/parse.y b/usr.sbin/acme-client/parse.y
index bcc8325506a..feffaaee7a0 100644
--- a/usr.sbin/acme-client/parse.y
+++ b/usr.sbin/acme-client/parse.y
@@ -604,7 +604,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return 0;
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index 9e2359f31a3..4d9ccc944eb 100644
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -3106,7 +3106,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/dvmrpd/parse.y b/usr.sbin/dvmrpd/parse.y
index 65966206072..093566222b1 100644
--- a/usr.sbin/dvmrpd/parse.y
+++ b/usr.sbin/dvmrpd/parse.y
@@ -570,7 +570,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/eigrpd/parse.y b/usr.sbin/eigrpd/parse.y
index 1bb69f092c5..07316954ce1 100644
--- a/usr.sbin/eigrpd/parse.y
+++ b/usr.sbin/eigrpd/parse.y
@@ -819,7 +819,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/hostapd/parse.y b/usr.sbin/hostapd/parse.y
index b2736493ece..7bf8f9d40c1 100644
--- a/usr.sbin/hostapd/parse.y
+++ b/usr.sbin/hostapd/parse.y
@@ -1507,7 +1507,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/httpd/parse.y b/usr.sbin/httpd/parse.y
index 4851182f5cd..72410d5ef0e 100644
--- a/usr.sbin/httpd/parse.y
+++ b/usr.sbin/httpd/parse.y
@@ -1488,7 +1488,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ifstated/parse.y b/usr.sbin/ifstated/parse.y
index 11577a6ca11..8540a46daa8 100644
--- a/usr.sbin/ifstated/parse.y
+++ b/usr.sbin/ifstated/parse.y
@@ -564,7 +564,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/iscsictl/parse.y b/usr.sbin/iscsictl/parse.y
index e86657fa633..b646b55487d 100644
--- a/usr.sbin/iscsictl/parse.y
+++ b/usr.sbin/iscsictl/parse.y
@@ -554,7 +554,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ldapd/parse.y b/usr.sbin/ldapd/parse.y
index e33fea03a39..f8932145833 100644
--- a/usr.sbin/ldapd/parse.y
+++ b/usr.sbin/ldapd/parse.y
@@ -649,7 +649,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ldomctl/parse.y b/usr.sbin/ldomctl/parse.y
index 359ff9a9e81..4d12d61fb8a 100644
--- a/usr.sbin/ldomctl/parse.y
+++ b/usr.sbin/ldomctl/parse.y
@@ -400,7 +400,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ldpd/parse.y b/usr.sbin/ldpd/parse.y
index 5197bb0c368..8df22bd11cb 100644
--- a/usr.sbin/ldpd/parse.y
+++ b/usr.sbin/ldpd/parse.y
@@ -1042,7 +1042,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/lpd/parse.y b/usr.sbin/lpd/parse.y
index 324076cb4d3..aae2aec9735 100644
--- a/usr.sbin/lpd/parse.y
+++ b/usr.sbin/lpd/parse.y
@@ -424,7 +424,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/npppd/npppd/parse.y b/usr.sbin/npppd/npppd/parse.y
index ca620782175..4d8fd78b2f9 100644
--- a/usr.sbin/npppd/npppd/parse.y
+++ b/usr.sbin/npppd/npppd/parse.y
@@ -1231,7 +1231,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ntpd/parse.y b/usr.sbin/ntpd/parse.y
index e30926b303e..a7127b4dc06 100644
--- a/usr.sbin/ntpd/parse.y
+++ b/usr.sbin/ntpd/parse.y
@@ -635,7 +635,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ospf6d/parse.y b/usr.sbin/ospf6d/parse.y
index 6b5ff9591a3..4ead71a441f 100644
--- a/usr.sbin/ospf6d/parse.y
+++ b/usr.sbin/ospf6d/parse.y
@@ -815,7 +815,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ospfd/parse.y b/usr.sbin/ospfd/parse.y
index 439ce8c831b..e8b291fc6d9 100644
--- a/usr.sbin/ospfd/parse.y
+++ b/usr.sbin/ospfd/parse.y
@@ -1009,7 +1009,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/rad/parse.y b/usr.sbin/rad/parse.y
index 8aedd2a499c..83ff6bdd799 100644
--- a/usr.sbin/rad/parse.y
+++ b/usr.sbin/rad/parse.y
@@ -626,7 +626,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/radiusd/parse.y b/usr.sbin/radiusd/parse.y
index 0b4a9b99368..e6895917365 100644
--- a/usr.sbin/radiusd/parse.y
+++ b/usr.sbin/radiusd/parse.y
@@ -563,7 +563,8 @@ yylex(void)
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/relayd/parse.y b/usr.sbin/relayd/parse.y
index 06789862a91..e8af5d6562c 100644
--- a/usr.sbin/relayd/parse.y
+++ b/usr.sbin/relayd/parse.y
@@ -2518,7 +2518,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ripd/parse.y b/usr.sbin/ripd/parse.y
index be6e1ede45c..bc78ff4d47e 100644
--- a/usr.sbin/ripd/parse.y
+++ b/usr.sbin/ripd/parse.y
@@ -595,7 +595,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
index c3177e3f058..fa00f6dc7a8 100644
--- a/usr.sbin/smtpd/parse.y
+++ b/usr.sbin/smtpd/parse.y
@@ -1852,7 +1852,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/snmpd/parse.y b/usr.sbin/snmpd/parse.y
index f9a878b7828..f50c5dfd529 100644
--- a/usr.sbin/snmpd/parse.y
+++ b/usr.sbin/snmpd/parse.y
@@ -835,7 +835,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/switchd/parse.y b/usr.sbin/switchd/parse.y
index 191e720e3a7..dc95947cc89 100644
--- a/usr.sbin/switchd/parse.y
+++ b/usr.sbin/switchd/parse.y
@@ -475,7 +475,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/vmd/parse.y b/usr.sbin/vmd/parse.y
index ef2ed38e400..4ef04e3f160 100644
--- a/usr.sbin/vmd/parse.y
+++ b/usr.sbin/vmd/parse.y
@@ -949,7 +949,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;
diff --git a/usr.sbin/ypldap/parse.y b/usr.sbin/ypldap/parse.y
index 6048a3586c9..a6d647021bf 100644
--- a/usr.sbin/ypldap/parse.y
+++ b/usr.sbin/ypldap/parse.y
@@ -663,7 +663,8 @@ top:
  } else if (c == '\\') {
  if ((next = lgetc(quotec)) == EOF)
  return (0);
- if (next == quotec || c == ' ' || c == '\t')
+ if (next == quotec || next == ' ' ||
+    next == '\t')
  c = next;
  else if (next == '\n') {
  file->lineno++;

Reply | Threaded
Open this post in threaded view
|

Re: odd condition/test in PF lexer

Theo de Raadt-2
> the if() condition at line 5282 does not make sense as it is
> granted by earlier line 5279 the `c` variable holds backslash
> only.

ok with me.

Reply | Threaded
Open this post in threaded view
|

Re: odd condition/test in PF lexer

Todd C. Miller-2
In reply to this post by Alexandr Nedvedicky
OK millert@

 - todd