datatype: fix crash if wrong integer type is passed

Eric Leblond reported that this command: nft add rule ip6 filter input position 4 meta protocol icmpv6 accept crashes nft. The problem is that 'icmpv6' is wrong there, as meta protocol is expecting an ethernet protocol, that can be expressed as an hexadecimal. Now this command displays the following error: <cmdline>:1:52-57: Error: This is not a valid Ethernet protocol add rule ip6 filter input position 4 meta protocol icmpv6 accept ^^^^^^ This closes bugzilla #834: https://bugzilla.netfilter.org/show_bug.cgi?id=834 Reported-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2013-07-24 15:14:22 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-07-24 15:23:44 +0200
commit: a320531e78f1bcb12b24da048f34592771392a9a (patch)
tree: 04e0e63205e6aea50035492dce7afa7347faa2ac /src/datatype.c
parent: df84fdeb32c7a76388dd456a835b5f29e0c9caa1 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/src/datatype.c b/src/datatype.c
index 62539957..55368eed 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -229,8 +229,10 @@ static struct error_record *integer_type_parse(const struct expr *sym,
 	if (gmp_sscanf(sym->identifier, "%Zu%n", v, &len) != 1 ||
 	    (int)strlen(sym->identifier) != len) {
 		mpz_clear(v);
-		if (sym->dtype != &integer_type)
-			return NULL;
+		if (sym->dtype != &integer_type) {
+			return error(&sym->location, "This is not a valid %s",
+				     sym->dtype->desc);
+		}
 		return error(&sym->location, "Could not parse %s",
 			     sym->dtype->desc);
 	}
author	Pablo Neira Ayuso <pablo@netfilter.org>	2013-07-24 15:14:22 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-07-24 15:23:44 +0200
commit	a320531e78f1bcb12b24da048f34592771392a9a (patch)
tree	04e0e63205e6aea50035492dce7afa7347faa2ac /src/datatype.c
parent	df84fdeb32c7a76388dd456a835b5f29e0c9caa1 (diff)