parser_json: Disallow ct helper as type to map to

When creating a map, users may either map dtype:dtype or dtype:object.
In the second case, only counter, quota, limit and secmark is allowed by
bison, but JSON parser wasn't as strict, allowing ct helper as well.
Remove that to avoid undefined behaviour.

Fixes: 586ad210368b7 ("libnftables: Implement JSON parser")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/parser_json.c b/src/parser_json.c
index 19d3ad47281307ace42f9dfad4ade9e9ea3677d2..53017935eba53e0e848932944adcf2d23403c7ac 100644 (file)
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -2503,7 +2503,6 @@ static int string_to_nft_object(const char *str)
        const char *obj_tbl[__NFT_OBJECT_MAX] = {
                [NFT_OBJECT_COUNTER] = "counter",
                [NFT_OBJECT_QUOTA] = "quota",
-               [NFT_OBJECT_CT_HELPER] = "ct helper",
                [NFT_OBJECT_LIMIT] = "limit",
                [NFT_OBJECT_SECMARK] = "secmark",
        };