parser: prohibit redefinitions of symbols and verify existance on use

This patch fixes some incorrect behaviour of symbolic variables:

- prohibit redefining an existing symbol
- verify existance of a symbolic variable during parsing instead of evaluation

The second point makes sure we don't allow recursive definitions (var = $var),
which lead to a crash due to stack exhaustion.

Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/src/parser.y b/src/parser.y
index cc0aed697ee4f3218d46790a9f3dbca91a24aa4d..f6c9488a70929655ec5f022d95ee2565b80d37fd 100644 (file)
--- a/src/parser.y
+++ b/src/parser.y
@@ -520,7 +520,15 @@ common_block               :       INCLUDE         QUOTED_STRING   stmt_seperator
                        }
                        |       DEFINE          identifier      '='     initializer_expr        stmt_seperator
                        {
-                               symbol_bind(current_scope(state), $2, $4);
+                               struct scope *scope = current_scope(state);
+
+                               if (symbol_lookup(scope, $2) != NULL) {
+                                       erec_queue(error(&@2, "redfinition of symbol '%s'", $2),
+                                                  state->msgs);
+                                       YYERROR;
+                               }
+
+                               symbol_bind(scope, $2, $4);
                                xfree($2);
                        }
                        |       error           stmt_seperator
@@ -1228,9 +1236,16 @@ symbol_expr              :       string
                        }
                        |       '$'     identifier
                        {
+                               struct scope *scope = current_scope(state);
+
+                               if (symbol_lookup(scope, $2) == NULL) {
+                                       erec_queue(error(&@2, "unknown identifier '%s'", $2),
+                                                  state->msgs);
+                                       YYERROR;
+                               }
+
                                $$ = symbol_expr_alloc(&@$, SYMBOL_DEFINE,
-                                                      current_scope(state),
-                                                      $2);
+                                                      scope, $2);
                                xfree($2);
                        }
                        |       AT      identifier

diff --git a/tests/symbolic-define.1 b/tests/symbolic-define.1
new file mode 100644 (file)
index 0000000..712ef71
--- /dev/null
+++ b/tests/symbolic-define.1
@@ -0,0 +1,7 @@
+#! nft -f
+
+# error: variable use before definition
+define var2 = $var1
+define var1 = eth0
+
+filter input iif $var2

diff --git a/tests/symbolic-define.2 b/tests/symbolic-define.2
new file mode 100644 (file)
index 0000000..cd3c23c
--- /dev/null
+++ b/tests/symbolic-define.2
@@ -0,0 +1,7 @@
+#! nft -f
+
+# error: redefinition of an existing variable
+define var1 = eth0
+define var1 = eth0
+
+filter input iif $var1

diff --git a/tests/symbolic-define.3 b/tests/symbolic-define.3
new file mode 100644 (file)
index 0000000..ba224df
--- /dev/null
+++ b/tests/symbolic-define.3
@@ -0,0 +1,6 @@
+#! nft -f
+
+# error: recursive definition of a variable
+define var1 = $var1
+
+filter input iif $var1