evaluate: guard against NULL basetype

commit 3671c48970031e617ee713b79caf8ef0a1b096c2 upstream. i->dtype->basetype can be NULL. Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2023-12-04 18:18:07 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2023-12-05 15:49:29 +0100
commit: a8be4d2f8bc3923f7b9e0558921d04345c78294d (patch)
tree: 0b3bc55c2f755704b447baf85e7eb50cba20680c
parent: 9b356c4031edbc6fd895ca8000a7d46dc16a5ebd (diff)
2 files changed, 2 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 1b4d3a6b..2c17b3f4 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1434,7 +1434,7 @@ static int expr_evaluate_list(struct eval_ctx *ctx, struct expr **expr)
 			return expr_error(ctx->msgs, i,
 					  "List member must be a constant "
 					  "value");
-		if (i->dtype->basetype->type != TYPE_BITMASK)
+		if (datatype_basetype(i->dtype)->type != TYPE_BITMASK)
 			return expr_error(ctx->msgs, i,
 					  "Basetype of type %s is not bitmask",
 					  i->dtype->desc);
diff --git a/tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash b/tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash
new file mode 100644
index 00000000..16d3e41f
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash
@@ -0,0 +1 @@
+cPoR et ip dscp << 2>0 ,xl rt  ipsec   c0tt in  tabl rt  ipsec   cl
author	Florian Westphal <fw@strlen.de>	2023-12-04 18:18:07 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2023-12-05 15:49:29 +0100
commit	a8be4d2f8bc3923f7b9e0558921d04345c78294d (patch)
tree	0b3bc55c2f755704b447baf85e7eb50cba20680c
parent	9b356c4031edbc6fd895ca8000a7d46dc16a5ebd (diff)