diff options
author | Florian Westphal <fw@strlen.de> | 2023-11-30 21:29:52 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2023-12-01 12:26:49 +0100 |
commit | 09c573053ff03ad0a2eeb12c2957881648062f50 (patch) | |
tree | 7b1bd1982b01218e3e38db5dd8b39c5f1983168a | |
parent | 4890211e188a055d686f5522b40bbdd41e75216c (diff) |
evaluate: reject sets with no key
nft --check -f tests/shell/testcases/bogons/nft-f/set_without_key
Segmentation fault (core dumped)
Fixes: 56c90a2dd2eb ("evaluate: expand sets and maps before evaluation")
Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r-- | src/evaluate.c | 3 | ||||
-rw-r--r-- | tests/shell/testcases/bogons/nft-f/map_without_key | 5 | ||||
-rw-r--r-- | tests/shell/testcases/bogons/nft-f/set_without_key | 5 |
3 files changed, 13 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index 2ead0347..048880e5 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -4621,6 +4621,9 @@ static int elems_evaluate(struct eval_ctx *ctx, struct set *set) { ctx->set = set; if (set->init != NULL) { + if (set->key == NULL) + return set_error(ctx, set, "set definition does not specify key"); + __expr_set_context(&ctx->ectx, set->key->dtype, set->key->byteorder, set->key->len, 0); if (expr_evaluate(ctx, &set->init) < 0) diff --git a/tests/shell/testcases/bogons/nft-f/map_without_key b/tests/shell/testcases/bogons/nft-f/map_without_key new file mode 100644 index 00000000..78f16b23 --- /dev/null +++ b/tests/shell/testcases/bogons/nft-f/map_without_key @@ -0,0 +1,5 @@ +table t { + map m { + elements = { 0x00000023 : 0x00001337 } + } +} diff --git a/tests/shell/testcases/bogons/nft-f/set_without_key b/tests/shell/testcases/bogons/nft-f/set_without_key new file mode 100644 index 00000000..f194afbf --- /dev/null +++ b/tests/shell/testcases/bogons/nft-f/set_without_key @@ -0,0 +1,5 @@ +table ip t { + set s { + elements = { 0x00000023-0x00000142, 0x00001337 } + } +} |