]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8275837)
catch corner case for -=
authorAlan T. DeKok <aland@freeradius.org>
Sun, 17 Sep 2023 13:46:41 +0000 (09:46 -0400)
committerAlan T. DeKok <aland@freeradius.org>
Sun, 17 Sep 2023 13:46:41 +0000 (09:46 -0400)
&control -= {
&Password.Cleartext == 'oracle01' # ERROR
 }

the edit code doesn't do this correctly (yet).  Add a test case
which catches it and complains, instead of dogn the wrong thing.
It's also not clear what is meant by the above.  Do we need to
delete &Password, too?

src/lib/unlang/compile.c patch | blob | blame | history
src/tests/keywords/edit-list-remove-error [new file with mode: 0644] patch | blob

diff --git a/src/lib/unlang/compile.c b/src/lib/unlang/compile.c
index 639b5af7ea50692ebb32b04a8ace940b1c1d66d7..05151fa6622c6921d3411385619671455fc48874 100644 (file)
--- a/src/lib/unlang/compile.c
+++ b/src/lib/unlang/compile.c
@@ -1554,12 +1554,22 @@ static unlang_t *compile_edit_section(unlang_t *parent, unlang_compile_t *unlang
                /*
                 *      As a set of fixups... we can't do array references in -=
                 */
-               for (child = map_list_head(&map->child); child != NULL; child = map_list_next(&map->child, child)) {
-                       if (!tmpl_is_attr(child->lhs)) continue;
+               if (map->op == T_OP_SUB_EQ) {
+                       for (child = map_list_head(&map->child); child != NULL; child = map_list_next(&map->child, child)) {
+                               if (!tmpl_is_attr(child->lhs)) continue;
 
-                       if (tmpl_attr_tail_num(child->lhs) != NUM_UNSPEC) {
-                               cf_log_err(child->ci, "Cannot use array references and values when deleting from a list");
-                               goto fail;
+                               if (tmpl_attr_tail_num(child->lhs) != NUM_UNSPEC) {
+                                       cf_log_err(child->ci, "Cannot use array references and values when deleting from a list");
+                                       goto fail;
+                               }
+
+                               /*
+                                *      The edit code doesn't do this correctly, so we just forbid it.
+                                */
+                               if (tmpl_attr_num_elements(child->lhs) > 1) {
+                                       cf_log_err(child->ci, "List deletion must operate directly on the final child");
+                                       goto fail;
+                               }
                        }
                }
        } else {
diff --git a/src/tests/keywords/edit-list-remove-error b/src/tests/keywords/edit-list-remove-error
new file mode 100644 (file)
index 0000000..2654234
--- /dev/null
+++ b/src/tests/keywords/edit-list-remove-error
@@ -0,0 +1,8 @@
+#
+#  The edit code doesn't do this yet.
+#
+#  Instead of doing something wrong, we forbid it with a descriptive error.
+#
+&control -= {
+       &Password.Cleartext == 'oracle01'       # ERROR
+}
\ No newline at end of file
Mirror of https://github.com/FreeRADIUS/freeradius-server.git