evaluate: reject: fix crash on NULL location with bridge and tcp reset

If we use tcp reset with a network protocol that tcp is not supported,
we display an error. This error use the reject.expr location which is NULL,
therefore we have a crash. This patch replaces it using the reject statement
to display the error like:

Rule:
 nft add bridge filter input ether type vlan reject with tcp reset
Output:
 <cmdline>:1:46-51: Error: cannot reject this ether type
 add rule bridge filter input ether type vlan reject with tcp reset
                              ~~~~~~~~~~~~~~~ ^^^^^^

Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/evaluate.c b/src/evaluate.c
index 3eeb614cd4b0628735411040fbc385db6cb6ec88..00e55b7ddf77e8942bbf9d0cdc80dd1c43f55c63 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1277,7 +1277,7 @@ static int stmt_evaluate_reject_bridge_family(struct eval_ctx *ctx,
                case __constant_htons(ETH_P_IPV6):
                        break;
                default:
-                       return stmt_binary_error(ctx, stmt->reject.expr,
+                       return stmt_binary_error(ctx, stmt,
                                    &ctx->pctx.protocol[PROTO_BASE_NETWORK_HDR],
                                    "cannot reject this ether type");
                }