From e4f59f2dc68fb2e6d62a6c37e04366a8ebd199cf Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Mon, 26 Feb 2024 10:34:59 +0100
Subject: parser_json: allow 0 offsets again

Its valid in case of tcp option removal:

[ {
   "reset": {
     "tcp option": {
       "base": 123,
       "len": 0,
       "offset": 0
   }

This makes nft-test.py -j pass again.

Fixes: e08627257ecf ("parser: reject raw payload expressions with 0 length")
Signed-off-by: Florian Westphal <fw@strlen.de>
---
 src/parser_json.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/parser_json.c')

diff --git a/src/parser_json.c b/src/parser_json.c
index 970ae8cb..ff52423a 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -670,7 +670,7 @@ static struct expr *json_parse_tcp_option_expr(struct json_ctx *ctx,
 		if (kind < 0 || kind > 255)
 			return NULL;
 
-		if (len <= 0 || len > (int)NFT_MAX_EXPR_LEN_BITS) {
+		if (len < 0 || len > (int)NFT_MAX_EXPR_LEN_BITS) {
 			json_error(ctx, "option length must be between 0 and %lu, got %d",
 				   NFT_MAX_EXPR_LEN_BITS, len);
 			return NULL;
-- 
cgit v1.2.3