diff options
| author | Phil Sutter <phil@nwl.cc> | 2021-03-17 20:39:38 +0100 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2021-11-30 14:57:46 +0100 |
| commit | 40e2414b74a1b8370decae5dea6395200dfb1e6d (patch) | |
| tree | 4edc6883cd59f84ee7d24a8d65e4847a775481a5 /src/exthdr.c | |
| parent | 38f1546ff34ae93d15caf5d003951aeb184a0396 (diff) | |
exthdr: Fix for segfault with unknown exthdr
Unknown exthdr type with NFT_EXTHDR_F_PRESENT flag set caused
NULL-pointer deref. Fix this by moving the conditional exthdr.desc deref
atop the function and use the result in all cases.
Fixes: e02bd59c4009b ("exthdr: Implement existence check")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'src/exthdr.c')
| -rw-r--r-- | src/exthdr.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/src/exthdr.c b/src/exthdr.c index 00d338f0..c02b17d3 100644 --- a/src/exthdr.c +++ b/src/exthdr.c @@ -46,6 +46,9 @@ static const struct exthdr_desc *exthdr_find_desc(enum exthdr_desc_id desc_id) static void exthdr_expr_print(const struct expr *expr, struct output_ctx *octx) { + const char *name = expr->exthdr.desc ? + expr->exthdr.desc->name : "unknown-exthdr"; + if (expr->exthdr.op == NFT_EXTHDR_OP_TCPOPT) { /* Offset calculation is a bit hacky at this point. * There might be a tcp option one day with another @@ -65,14 +68,14 @@ static void exthdr_expr_print(const struct expr *expr, struct output_ctx *octx) return; } - nft_print(octx, "tcp option %s", expr->exthdr.desc->name); + nft_print(octx, "tcp option %s", name); if (expr->exthdr.flags & NFT_EXTHDR_F_PRESENT) return; if (offset) nft_print(octx, "%d", offset); nft_print(octx, " %s", expr->exthdr.tmpl->token); } else if (expr->exthdr.op == NFT_EXTHDR_OP_IPV4) { - nft_print(octx, "ip option %s", expr->exthdr.desc->name); + nft_print(octx, "ip option %s", name); if (expr->exthdr.flags & NFT_EXTHDR_F_PRESENT) return; nft_print(octx, " %s", expr->exthdr.tmpl->token); @@ -83,10 +86,9 @@ static void exthdr_expr_print(const struct expr *expr, struct output_ctx *octx) nft_print(octx, " %s", expr->exthdr.tmpl->token); } else { if (expr->exthdr.flags & NFT_EXTHDR_F_PRESENT) - nft_print(octx, "exthdr %s", expr->exthdr.desc->name); + nft_print(octx, "exthdr %s", name); else { - nft_print(octx, "%s %s", - expr->exthdr.desc ? expr->exthdr.desc->name : "unknown-exthdr", + nft_print(octx, "%s %s", name, expr->exthdr.tmpl->token); } } |