parser_json: Catch nonsense ops in match statement
authorPhil Sutter <phil@nwl.cc>
Wed, 13 Sep 2023 20:07:46 +0000 (22:07 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 3 Nov 2023 11:23:37 +0000 (12:23 +0100)
commit 7df0b2f1a1c64e2bdc652fd2418b4f7218c93f1f upstream.

Since expr_op_symbols array includes binary operators and more, simply
checking the given string matches any of the elements is not sufficient.

Fixes: 586ad210368b7 ("libnftables: Implement JSON parser")
Signed-off-by: Phil Sutter <phil@nwl.cc>
src/parser_json.c

index efa1205a74f5dd3c2c249b3731611e4fba55aeac..c619e92f8306deb6e1df4fb309651552dbf4800a 100644 (file)
@@ -1652,13 +1652,18 @@ static struct stmt *json_parse_match_stmt(struct json_ctx *ctx,
                    !strcmp(opstr, expr_op_symbols[op]))
                        break;
        }
-       if (op == __OP_MAX) {
+       switch (op) {
+       case OP_EQ ... OP_NEG:
+               break;
+       case __OP_MAX:
                if (!strcmp(opstr, "in")) {
                        op = OP_IMPLICIT;
-               } else {
-                       json_error(ctx, "Unknown relational op '%s'.", opstr);
-                       return NULL;
+                       break;
                }
+               /* fall through */
+       default:
+               json_error(ctx, "Invalid relational op '%s'.", opstr);
+               return NULL;
        }
 
        left = json_parse_expr(ctx, jleft);
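Review bot: The whitelist `case OP_EQ ... OP_NEG:` depends on the relational operators staying contiguous in the ops enum, so a later insertion or reorder there would silently change which strings are accepted as a match op. A comment at the case, e.g. `/* relational ops only: relies on OP_EQ..OP_NEG being contiguous in enum ops */`, would make that coupling visible. The case-range syntax is also a GNU extension rather than ISO C, which is presumably fine for the compilers this tree targets but is worth stating. Since opstr appears to come straight from the parsed JSON input, a regression test that passes a non-relational symbol from expr_op_symbols and expects the "Invalid relational op" error would pin the fix. json_parse_match_stmt starts and ends outside the hunk, so the loop bounds that produce op are not visible here.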