evaluate: reject sets with no key

commit 09c573053ff03ad0a2eeb12c2957881648062f50 upstream.

nft --check -f tests/shell/testcases/bogons/nft-f/set_without_key
Segmentation fault (core dumped)

Fixes: 56c90a2dd2eb ("evaluate: expand sets and maps before evaluation")
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/src/evaluate.c b/src/evaluate.c
index 3724a2bd3dcb86258e7566bafa5404713f250e46..47145f4cb0f8127cfbb400c6701ea1e5822ec142 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -4756,6 +4756,9 @@ static int elems_evaluate(struct eval_ctx *ctx, struct set *set)
 {
        ctx->set = set;
        if (set->init != NULL) {
+               if (set->key == NULL)
+                       return set_error(ctx, set, "set definition does not specify key");
+
                __expr_set_context(&ctx->ectx, set->key->dtype,
                                   set->key->byteorder, set->key->len, 0);
                if (expr_evaluate(ctx, &set->init) < 0) {

diff --git a/tests/shell/testcases/bogons/nft-f/map_without_key b/tests/shell/testcases/bogons/nft-f/map_without_key
new file mode 100644 (file)
index 0000000..78f16b2
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-f/map_without_key
@@ -0,0 +1,5 @@
+table t {
+       map m {
+               elements = { 0x00000023 : 0x00001337 }
+       }
+}

diff --git a/tests/shell/testcases/bogons/nft-f/set_without_key b/tests/shell/testcases/bogons/nft-f/set_without_key
new file mode 100644 (file)
index 0000000..f194afb
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-f/set_without_key
@@ -0,0 +1,5 @@
+table ip t {
+       set s {
+               elements = { 0x00000023-0x00000142, 0x00001337 }
+       }
+}