rule: crash when uncollapsing command with unexisting table or set

If ruleset update refers to an unexisting table or set, then
cmd->elem.set is NULL.

Fixes: 498a5f0c219d ("rule: collapse set element commands")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/rule.c b/src/rule.c
index 79d4b77756e4e6c84db7c711c17957976e20fbe4..9c9eaec0c77bdcc75dc387a6cd9a5e8cd4428462 100644 (file)
--- a/src/rule.c
+++ b/src/rule.c
@@ -1453,7 +1453,9 @@ void nft_cmd_uncollapse(struct list_head *cmds)
                }
 
                list_for_each_entry_safe(collapse_cmd, collapse_cmd_next, &cmd->collapse_list, list) {
-                       collapse_cmd->elem.set = set_get(cmd->elem.set);
+                       if (cmd->elem.set)
+                               collapse_cmd->elem.set = set_get(cmd->elem.set);
+
                        list_add(&collapse_cmd->list, &cmd->list);
                }
        }

diff --git a/tests/shell/testcases/sets/errors_0 b/tests/shell/testcases/sets/errors_0
index f2da43a009b93c410d73d2d8c0cf27fd5438476c..27f65df3f76bf430794093f20a152bae95863b57 100755 (executable)
--- a/tests/shell/testcases/sets/errors_0
+++ b/tests/shell/testcases/sets/errors_0
@@ -54,4 +54,16 @@ RULESET="table ip x {
         chain chain2 {}
 }"
 
+$NFT -f - <<< $RULESET
+if [ $? -eq 0 ]
+then
+       exit 1
+fi
+
+RULESET="add set inet filter myset { type ipv4_addr; flags interval; auto-merge }
+add element inet filter myset { 192.168.0.0/24 }
+add element inet filter myset { 192.168.0.2 }
+add element inet filter myset { 192.168.1.0/24 }
+add element inet filter myset { 192.168.1.100 }"
+
 $NFT -f - <<< $RULESET || exit 0