git.ipfire.org Git - thirdparty/nftables.git/commit

author	Laura Garcia Liebana <nevola@gmail.com>
	Thu, 11 Apr 2019 08:59:40 +0000 (10:59 +0200)
committer	Florian Westphal <fw@strlen.de>
	Thu, 11 Apr 2019 09:05:57 +0000 (11:05 +0200)
commit	2ed5afd9f3183f8af2a5347e9f606ae02cd849e3
tree	db624de9945d9b59490fd07f2aa713a4d589d31c	tree
parent	d9bf3d6de1d8ebc171964404fea22253549b4384	commit \| diff

parser_json: fix segfault in translating string to nft object

A segmentation fault is produced when applying an input JSON file
like the following:

{"nftables": [
{ "add":
{"map":
{"family": "ip",
"name": "persistencia",
"table": "nftlb",
"type": "ipv4_addr",
"map": "mark",
"size": 65535,
"flags": ["timeout"],
"timeout": 44
}
}
}
]}

The captured error is:

Program received signal SIGSEGV, Segmentation fault.
#1 0x00007ffff7f734f9 in string_to_nft_object (str=0x55555555f410
"mark") at parser_json.c:2513
2513 if (!strcmp(str, obj_tbl[i]))

The obj_tbl array is allocated with the maximum element index even
if lower indexes are not populated, so it produces null pointer
items.

This patch ensures that the maximum number of possible indexes
but also the element is not comparing a null pointer.

Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>