From: Florian Westphal Date: Thu, 27 Mar 2025 15:17:11 +0000 (+0100) Subject: expression: don't try to import empty string X-Git-Tag: v1.1.2~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8a9581d5d66ca2f920730441c82ac14fe9d9a427;p=thirdparty%2Fnftables.git expression: don't try to import empty string The bogon will trigger the assertion in mpz_import_data: src/expression.c:418: constant_expr_alloc: Assertion `(((len) + (8) - 1) / (8)) > 0' failed. Signed-off-by: Florian Westphal Reviewed-by: Pablo Neira Ayuso --- diff --git a/src/expression.c b/src/expression.c index 228754fc..9f19a379 100644 --- a/src/expression.c +++ b/src/expression.c @@ -494,7 +494,7 @@ struct expr *constant_expr_alloc(const struct location *loc, expr->flags = EXPR_F_CONSTANT | EXPR_F_SINGLETON; mpz_init2(expr->value, len); - if (data != NULL) + if (data != NULL && len) mpz_import_data(expr->value, data, byteorder, div_round_up(len, BITS_PER_BYTE)); diff --git a/tests/shell/testcases/bogons/nft-j-f/constant_expr_alloc_assert b/tests/shell/testcases/bogons/nft-j-f/constant_expr_alloc_assert new file mode 100644 index 00000000..9c400302 --- /dev/null +++ b/tests/shell/testcases/bogons/nft-j-f/constant_expr_alloc_assert @@ -0,0 +1,38 @@ +{ + "nftables": [ + { + "table": { + "family": "ip", + "name": "t", + "handle": 0 + } + }, + { + "chain": { + "family": "ip", + "table": "t", + "name": "testchain", + "handle": 0 + } + }, + { + "map": { + "family": "ip", + "name": "testmap", + "table": "t", + "type": "ipv4_addr", + "handle": 0, + "map": "verdict", + "elem": [ + [ + { + "jump": { + "target": "" + } + } + ] + ] + } + } + ] +}
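Review bot: in the src/expression.c hunk, the new `data != NULL && len` condition in constant_expr_alloc() carries no comment explaining why a non-NULL `data` with `len == 0` is tolerated rather than rejected. The function now returns a constant whose value was set up by `mpz_init2(expr->value, len)` but never imported, and a later reader cannot tell from the code that this case is reachable from user input. Suggest a one-line comment above the check naming the empty "target" string from the added bogon, and writing the test as `len > 0` so it mirrors the `> 0` in the quoted assertion. It is also worth asking whether an empty jump target should be refused with an error where it is parsed instead of only being tolerated here; that path is not part of this hunk.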
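Review bot: in the new tests/shell/testcases/bogons/nft-j-f/constant_expr_alloc_assert file, the reproducer is irregular in more than one way, so it does not pin down which field the fix is guarding against. Besides the empty `"target": ""`, the inner `elem` array holds only the jump verdict with no key entry next to it, and the "testchain" chain object is never referenced by the map. Suggest trimming the input until the empty target is the only irregularity, or stating in the commit message that the empty target string is the trigger, so the test keeps covering the `len == 0` path in constant_expr_alloc() if element parsing is tightened later.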