]> git.ipfire.org Git - thirdparty/nftables.git/commitdiff
projects / thirdparty / nftables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 778e4e1)
evaluate: guard against NULL basetype
authorFlorian Westphal <fw@strlen.de>
Mon, 4 Dec 2023 17:18:07 +0000 (18:18 +0100)
committerFlorian Westphal <fw@strlen.de>
Tue, 5 Dec 2023 11:43:21 +0000 (12:43 +0100)
i->dtype->basetype can be NULL.

Signed-off-by: Florian Westphal <fw@strlen.de>
src/evaluate.c patch | blob | blame | history
tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash [new file with mode: 0644] patch | blob

diff --git a/src/evaluate.c b/src/evaluate.c
index b6428018c398ea7dd8511186725936f20b6a0616..b6670254b9fd9e06ea0096c31c7af22cb667477f 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1610,7 +1610,7 @@ static int expr_evaluate_list(struct eval_ctx *ctx, struct expr **expr)
                        return expr_error(ctx->msgs, i,
                                          "List member must be a constant "
                                          "value");
-               if (i->dtype->basetype->type != TYPE_BITMASK)
+               if (datatype_basetype(i->dtype)->type != TYPE_BITMASK)
                        return expr_error(ctx->msgs, i,
                                          "Basetype of type %s is not bitmask",
                                          i->dtype->desc);
diff --git a/tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash b/tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash
new file mode 100644 (file)
index 0000000..16d3e41
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash
@@ -0,0 +1 @@
+cPoR et ip dscp << 2>0 ,xl rt  ipsec   c0tt in  tabl rt  ipsec   cl
Mirror of git://git.netfilter.org/nftables