diff options
author | Phil Sutter <phil@nwl.cc> | 2020-09-24 17:38:45 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-10-06 17:55:54 +0200 |
commit | 032c9f745c6daab8c27176a95963b1c32b0a5d12 (patch) | |
tree | 35da1182386db3c23b624245451f33c2238a4d8e /src | |
parent | 129f9d153279cd0fdb723fcff7d61879baa31f46 (diff) |
evaluate: Reject quoted strings containing only wildcard
Fix for an assertion fail when trying to match against an all-wildcard
interface name:
| % nft add rule t c iifname '"*"'
| nft: expression.c:402: constant_expr_alloc: Assertion `(((len) + (8) - 1) / (8)) > 0' failed.
| zsh: abort nft add rule t c iifname '"*"'
Fix this by detecting the string in expr_evaluate_string() and returning
an error message:
| % nft add rule t c iifname '"*"'
| Error: All-wildcard strings are not supported
| add rule t c iifname "*"
| ^^^
While being at it, drop the 'datalen >= 1' clause from the following
conditional as together with the added check for 'datalen == 0', all
possible other values have been caught already.
Diffstat (limited to 'src')
-rw-r--r-- | src/evaluate.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index c8045e5d..5f17d750 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -324,8 +324,11 @@ static int expr_evaluate_string(struct eval_ctx *ctx, struct expr **exprp) return 0; } - if (datalen >= 1 && - data[datalen - 1] == '\\') { + if (datalen == 0) + return expr_error(ctx->msgs, expr, + "All-wildcard strings are not supported"); + + if (data[datalen - 1] == '\\') { char unescaped_str[data_len]; memset(unescaped_str, 0, sizeof(unescaped_str)); |