diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-04-05 20:31:37 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-04-07 10:48:55 +0200 |
commit | e7ff8bab1f72c5b45ead02a0e5302359616e5cdc (patch) | |
tree | ebf1c2ee0f3143539f142492c7d4e1c046970f2a /src/rule.c | |
parent | a6d9aeb52e3c40bf064c49d869b71a27506c080a (diff) |
src: fix bogus assertion for unset attributes
If you try to obtain an unset attribute, you hit an assertion error
that should not happen. Fix this by checking if the attribute is
unset, otherwise skip the assertion checking.
Now that we have that nft_assert takes the data parameter, we can also
validate if someone is using the setter passing NULL, which is illegal.
So let's add an assertion for that as well.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/rule.c')
-rw-r--r-- | src/rule.c | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -133,7 +133,7 @@ void nft_rule_attr_set_data(struct nft_rule *r, uint16_t attr, if (attr > NFT_RULE_ATTR_MAX) return; - nft_assert_validate(nft_rule_attr_validate, attr, data_len); + nft_assert_validate(data, nft_rule_attr_validate, attr, data_len); switch(attr) { case NFT_RULE_ATTR_TABLE: @@ -248,7 +248,7 @@ uint32_t nft_rule_attr_get_u32(const struct nft_rule *r, uint16_t attr) uint32_t data_len; const uint32_t *val = nft_rule_attr_get_data(r, attr, &data_len); - nft_assert(attr, data_len == sizeof(uint32_t)); + nft_assert(val, attr, data_len == sizeof(uint32_t)); return val ? *val : 0; } @@ -259,7 +259,7 @@ uint64_t nft_rule_attr_get_u64(const struct nft_rule *r, uint16_t attr) uint32_t data_len; const uint64_t *val = nft_rule_attr_get_data(r, attr, &data_len); - nft_assert(attr, data_len == sizeof(uint64_t)); + nft_assert(val, attr, data_len == sizeof(uint64_t)); return val ? *val : 0; } @@ -270,7 +270,7 @@ uint8_t nft_rule_attr_get_u8(const struct nft_rule *r, uint16_t attr) uint32_t data_len; const uint8_t *val = nft_rule_attr_get_data(r, attr, &data_len); - nft_assert(attr, data_len == sizeof(uint8_t)); + nft_assert(val, attr, data_len == sizeof(uint8_t)); return val ? *val : 0; } |