parser: reject zero-length interface names in flowtables

author Florian Westphal <fw@strlen.de>

Mon, 19 Jun 2023 20:43:05 +0000 (22:43 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Thu, 2 Nov 2023 10:56:20 +0000 (11:56 +0100)
author Florian Westphal <fw@strlen.de>
Mon, 19 Jun 2023 20:43:05 +0000 (22:43 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Thu, 2 Nov 2023 10:56:20 +0000 (11:56 +0100)
diff --git a/src/parser_bison.y b/src/parser_bison.y

index 5df0528ae50cf1d9f390aa1067d3b125281d8b70..fca467a24993672b4083a7617e97368bf9e08a3e 100644 (file)
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2236,17 +2236,21 @@ flowtable_list_expr     :       flowtable_expr_member
  
  flowtable_expr_member  :       QUOTED_STRING
                         {
-                               $$ = constant_expr_alloc(&@$, &string_type,
-                                                        BYTEORDER_HOST_ENDIAN,
-                                                        strlen($1) * BITS_PER_BYTE, $1);
-                               xfree($1);
+                               struct expr *expr = ifname_expr_alloc(&@$, state->msgs, $1);
+
+                               if (!expr)
+                                       YYERROR;
+
+                               $$ = expr;
                         }
                         |       STRING
                         {
-                               $$ = constant_expr_alloc(&@$, &string_type,
-                                                        BYTEORDER_HOST_ENDIAN,
-                                                        strlen($1) * BITS_PER_BYTE, $1);
-                               xfree($1);
+                               struct expr *expr = ifname_expr_alloc(&@$, state->msgs, $1);
+
+                               if (!expr)
+                                       YYERROR;
+
+                               $$ = expr;
                         }
                         |       variable_expr
                         {
diff --git a/tests/shell/testcases/bogons/nft-f/zero_length_devicename_flowtable_assert b/tests/shell/testcases/bogons/nft-f/zero_length_devicename_flowtable_assert

new file mode 100644 (file)

index 0000000..2c3e6c3
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-f/zero_length_devicename_flowtable_assert
@@ -0,0 +1,5 @@
+table t {
+       flowtable f {
+               devices = { """"lo }
+       }
+}
author	Florian Westphal <fw@strlen.de>
	Mon, 19 Jun 2023 20:43:05 +0000 (22:43 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 2 Nov 2023 10:56:20 +0000 (11:56 +0100)
src/parser_bison.y		patch \| blob \| blame \| history
tests/shell/testcases/bogons/nft-f/zero_length_devicename_flowtable_assert	[new file with mode: 0644]	patch \| blob