summaryrefslogtreecommitdiffstats
path: root/src/expr.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/expr.c')
-rw-r--r--src/expr.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/expr.c b/src/expr.c
index b4581f1..4e32189 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -71,6 +71,16 @@ int nftnl_expr_set(struct nftnl_expr *expr, uint16_t type,
case NFTNL_EXPR_NAME: /* cannot be modified */
return 0;
default:
+ if (type < NFTNL_EXPR_BASE || type > expr->ops->nftnl_max_attr)
+ return -1;
+
+ if (!expr->ops->attr_policy)
+ return -1;
+
+ if (expr->ops->attr_policy[type].maxlen &&
+ expr->ops->attr_policy[type].maxlen < data_len)
+ return -1;
+
if (expr->ops->set(expr, type, data, data_len) < 0)
return -1;
}