From b849b0dfd9f3aecff5617bc60d5852ef36c3d494 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 24 Oct 2018 21:14:37 +0200 Subject: json: Work around segfault when encountering xt stmt When trying to convert an xt stmt into JSON, print() callback was called. Though the code in src/xt.c does not respect output_fp, therefore buffer wasn't filled as expected making libjansson to puke: | # nft -j list ruleset | warning: stmt ops xt have no json callback | nft: json.c:169: stmt_print_json: Assertion `__out' failed. | Aborted (core dumped) Avoid this by detecting xt stmt ops and returning a stub. Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- doc/libnftables-json.adoc | 7 +++++++ src/json.c | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/doc/libnftables-json.adoc b/doc/libnftables-json.adoc index ea5fbe81..414702c7 100644 --- a/doc/libnftables-json.adoc +++ b/doc/libnftables-json.adoc @@ -998,6 +998,13 @@ Assign connection tracking timeout policy. *ct timeout*:: CT timeout reference. +=== XT +[verse] +*{ "xt": null }* + +This represents an xt statement from xtables compat interface. Sadly, at this +point it is not possible to provide any further information about its content. + == EXPRESSIONS Expressions are the building blocks of (most) statements. In their most basic form, they are just immediate values represented as JSON string, integer or diff --git a/src/json.c b/src/json.c index 431d38af..f08a3b64 100644 --- a/src/json.c +++ b/src/json.c @@ -166,6 +166,12 @@ static json_t *stmt_print_json(const struct stmt *stmt, struct output_ctx *octx) char buf[1024]; FILE *fp; + /* XXX: Can't be supported at this point: + * xt_stmt_xlate() ignores output_fp. + */ + if (stmt->ops->type == STMT_XT) + return json_pack("{s:n}", "xt"); + if (stmt->ops->json) return stmt->ops->json(stmt, octx); -- cgit v1.2.3