diff options
author | Florian Westphal <fw@strlen.de> | 2023-12-19 12:14:37 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2023-12-19 16:10:37 +0100 |
commit | 49721e28db3e7b28f443bf963547c12f4dcf856d (patch) | |
tree | ebd1952051ffc24d89767d55995e7720fadaa75f /src | |
parent | c9f934ca446de5041ce6f19e4ee6a0c74b120186 (diff) |
intervals: BUG on prefix expressions without value
Its possible to end up with prefix expressions that have
a symbolic expression, e.g.:
table t {
set s {
type inet_service
flags interval
elements = { 172.16.0.0/16 }
}
set s {
type inet_service
flags interval
elements = { 0-1024, 8080-8082, 10000-40000 }
}
}
Without this change, nft will crash. We end up in setelem_expr_to_range()
with prefix "/16" for the symbolic expression "172.16.0.0".
We than pass invalid mpz_t pointer into libgmp.
This isn't a real fix, but instead of blindly assuming that the attached
expression has a gmp value die with at least some info.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src')
-rw-r--r-- | src/intervals.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/intervals.c b/src/intervals.c index e535fc34..5a88a8eb 100644 --- a/src/intervals.c +++ b/src/intervals.c @@ -28,6 +28,9 @@ static void setelem_expr_to_range(struct expr *expr) case EXPR_RANGE: break; case EXPR_PREFIX: + if (expr->key->prefix->etype != EXPR_VALUE) + BUG("Prefix for unexpected type %d", expr->key->prefix->etype); + mpz_init(rop); mpz_bitmask(rop, expr->key->len - expr->key->prefix_len); if (expr_basetype(expr)->type == TYPE_STRING) |