evaluate: fix gmp assertion with too-large reject code
authorFlorian Westphal <fw@strlen.de>
Thu, 14 Dec 2023 08:39:13 +0000 (09:39 +0100)
committerFlorian Westphal <fw@strlen.de>
Thu, 14 Dec 2023 12:34:11 +0000 (13:34 +0100)
Before:
nft: gmputil.c:77: mpz_get_uint8: Assertion `cnt <= 1' failed.
After: Error: reject code must be integer in range 0-255

Signed-off-by: Florian Westphal <fw@strlen.de>
src/evaluate.c
tests/shell/testcases/bogons/nft-f/icmp_reject_type_uint8_assert [new file with mode: 0644]

index 8173d1537396d99f2dce39936f002ee4bf3dca25..0e0e0c00b91b40de9b09b7808c1647423e5139e1 100644 (file)
@@ -3590,6 +3590,13 @@ static int stmt_evaluate_reject_icmp(struct eval_ctx *ctx, struct stmt *stmt)
                erec_queue(erec, ctx->msgs);
                return -1;
        }
+
+       if (mpz_cmp_ui(code->value, UINT8_MAX) > 0) {
+               expr_free(code);
+               return expr_error(ctx->msgs, stmt->reject.expr,
+                                 "reject code must be integer in range 0-255");
+       }
+
        stmt->reject.icmp_code = mpz_get_uint8(code->value);
        expr_free(code);
 
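Review bot: The new guard in stmt_evaluate_reject_icmp enforces only the upper bound, although its error message promises the range 0-255. Whether a negative constant can reach this point is not visible from the hunk, but if it can, `mpz_cmp_ui(code->value, UINT8_MAX) > 0` lets it through to mpz_get_uint8(). Covering both ends would be `if (mpz_sgn(code->value) < 0 || mpz_cmp_ui(code->value, UINT8_MAX) > 0) {`. A short comment above the check, such as `/* mpz_get_uint8() asserts on values wider than one byte; range-check ruleset input first */`, would record why it must stay ahead of the conversion, since the abort is reachable from a ruleset file. The function body starts and ends outside the hunk.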
diff --git a/tests/shell/testcases/bogons/nft-f/icmp_reject_type_uint8_assert b/tests/shell/testcases/bogons/nft-f/icmp_reject_type_uint8_assert
new file mode 100644 (file)
index 0000000..1fc85b2
--- /dev/null
@@ -0,0 +1 @@
+rule t c reject with icmp 512