evaluate: tunnel: don't assume src is set

Included bogon crashes, after fix: empty_geneve_definition_crash:2:9-16: Error: Could not process rule: Invalid argument Since this feature is undocumented (hint, hint) I don't know if there are cases where ip daddr can be elided. If not, a followup patch should reject empty dst upfront so users get a more verbose error message. Signed-off-by: Florian Westphal <fw@strlen.de> Reviewed-by: Fernando Fernandez Mancera <fmancera@suse.de>
author: Florian Westphal <fw@strlen.de> 2025-10-16 16:59:33 +0200
committer: Florian Westphal <fw@strlen.de> 2025-10-17 09:40:55 +0200
commit: f9047c1f1a4e5841785a39049d47bba4bfdb592b (patch)
tree: 35890f2ee36e7bc8d6780846e9a7f503a6e1ed65 /src
parent: 2ac4d1c73907451eb4c092c342c389f8d7aa6790 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 0c7d90f8..ac482c83 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -5865,11 +5865,12 @@ static int tunnel_evaluate(struct eval_ctx *ctx, struct obj *obj)
 				 obj->tunnel.dst->dtype->size);
 		if (expr_evaluate(ctx, &obj->tunnel.dst) < 0)
 			return -1;
-	}
 
-	if (obj->tunnel.src->dtype != obj->tunnel.dst->dtype)
-		return __stmt_binary_error(ctx, &obj->location, NULL,
-					  "specify either ip or ip6 for address");
+		if (obj->tunnel.src &&
+		    obj->tunnel.src->dtype != obj->tunnel.dst->dtype)
+			return __stmt_binary_error(ctx, &obj->location, NULL,
+						  "specify either ip or ip6 for address");
+	}
 
 	return 0;
 }
author	Florian Westphal <fw@strlen.de>	2025-10-16 16:59:33 +0200
committer	Florian Westphal <fw@strlen.de>	2025-10-17 09:40:55 +0200
commit	f9047c1f1a4e5841785a39049d47bba4bfdb592b (patch)
tree	35890f2ee36e7bc8d6780846e9a7f503a6e1ed65 /src
parent	2ac4d1c73907451eb4c092c342c389f8d7aa6790 (diff)