diff options
| author | Florian Westphal <fw@strlen.de> | 2023-06-19 22:43:06 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2023-06-20 21:47:53 +0200 |
| commit | 1d2e22fc0521bcf73ee1f891c291dc1bde47a6bb (patch) | |
| tree | 6274cc3330a6199fe3624595eb94698b194e7802 | |
| parent | d40c7623837424d4eb8048508b924887b092e050 (diff) | |
ct timeout: fix 'list object x' vs. 'list objects in table' confusion
<empty ruleset>
$ nft list ct timeout table t
Error: No such file or directory
list ct timeout table t
^
This is expected to list all 'ct timeout' objects.
The failure is correct, the table 't' does not exist.
But now lets add one:
$ nft add table t
$ nft list ct timeout table t
Segmentation fault (core dumped)
... and thats not expected, nothing should be shown
and nft should exit normally.
Because of missing TIMEOUTS command enum, the backend thinks
it should do an object lookup, but as frontend asked for
'list of objects' rather than 'show this object',
handle.obj.name is NULL, which then results in this crash.
Update the command enums so that backend knows what the
frontend asked for.
Signed-off-by: Florian Westphal <fw@strlen.de>
| -rw-r--r-- | include/rule.h | 1 | ||||
| -rw-r--r-- | src/cache.c | 1 | ||||
| -rw-r--r-- | src/evaluate.c | 1 | ||||
| -rw-r--r-- | src/parser_bison.y | 2 | ||||
| -rw-r--r-- | src/rule.c | 1 |
5 files changed, 5 insertions, 1 deletions
diff --git a/include/rule.h b/include/rule.h index fa391529..b360e261 100644 --- a/include/rule.h +++ b/include/rule.h @@ -645,6 +645,7 @@ enum cmd_obj { CMD_OBJ_FLOWTABLE, CMD_OBJ_FLOWTABLES, CMD_OBJ_CT_TIMEOUT, + CMD_OBJ_CT_TIMEOUTS, CMD_OBJ_SECMARK, CMD_OBJ_SECMARKS, CMD_OBJ_CT_EXPECT, diff --git a/src/cache.c b/src/cache.c index becfa57f..d908ae0a 100644 --- a/src/cache.c +++ b/src/cache.c @@ -370,6 +370,7 @@ static int nft_handle_validate(const struct cmd *cmd, struct list_head *msgs) case CMD_OBJ_CT_HELPER: case CMD_OBJ_CT_HELPERS: case CMD_OBJ_CT_TIMEOUT: + case CMD_OBJ_CT_TIMEOUTS: case CMD_OBJ_CT_EXPECT: if (h->table.name && strlen(h->table.name) > NFT_NAME_MAXLEN) { diff --git a/src/evaluate.c b/src/evaluate.c index efab2895..687f9a7b 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -5441,6 +5441,7 @@ static int cmd_evaluate_list(struct eval_ctx *ctx, struct cmd *cmd) case CMD_OBJ_FLOWTABLES: case CMD_OBJ_SECMARKS: case CMD_OBJ_SYNPROXYS: + case CMD_OBJ_CT_TIMEOUTS: if (cmd->handle.table.name == NULL) return 0; if (!table_cache_find(&ctx->nft->cache.table_cache, diff --git a/src/parser_bison.y b/src/parser_bison.y index e7ee56c1..beb277b6 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -4757,7 +4757,7 @@ ct_obj_type : HELPER { $$ = NFT_OBJECT_CT_HELPER; } ; ct_cmd_type : HELPERS { $$ = CMD_OBJ_CT_HELPERS; } - | TIMEOUT { $$ = CMD_OBJ_CT_TIMEOUT; } + | TIMEOUT { $$ = CMD_OBJ_CT_TIMEOUTS; } | EXPECTATION { $$ = CMD_OBJ_CT_EXPECT; } ; @@ -2351,6 +2351,7 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_OBJ_CT_HELPERS: return do_list_obj(ctx, cmd, NFT_OBJECT_CT_HELPER); case CMD_OBJ_CT_TIMEOUT: + case CMD_OBJ_CT_TIMEOUTS: return do_list_obj(ctx, cmd, NFT_OBJECT_CT_TIMEOUT); case CMD_OBJ_CT_EXPECT: return do_list_obj(ctx, cmd, NFT_OBJECT_CT_EXPECT); |