]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bc1eeb8) | patch
parser_json: reject non-concat expression
authorFlorian Westphal <fw@strlen.de>
Mon, 21 Jul 2025 11:09:55 +0000 (13:09 +0200)
committerFlorian Westphal <fw@strlen.de>
Tue, 22 Jul 2025 12:38:34 +0000 (14:38 +0200)
commitf4d3e5e2f6595b6628b2aa948ff45ffaec40fb65
tree7bec1c70367e182f0132a6ca61470098b5159194tree | snapshot
parentbc1eeb8fe709b2c0322a6b0e447517256cc9c18bcommit | diff
parser_json: reject non-concat expression

Before "src: detach set, list and concatenation expression layout":
internal:0:0-0: Error: Concatenation with 0 elements is illegal

After this change, expr->size access triggers assert() failure, add
explicit test for etype to avoid this and error out:

internal:0:0-0: Error: Expected concat element, got symbol.

Fixes: e0d92243be1c ("src: detach set, list and concatenation expression layout")
Signed-off-by: Florian Westphal <fw@strlen.de>
Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/parser_json.c diff | blob | blame | history
tests/shell/testcases/bogons/nft-j-f/concat_is_not_concat_assert [new file with mode: 0644] blob
Mirror of git://git.netfilter.org/nftables