From 8ff7fed3b0d866268322d27511ddc73fbd8c77c8 Mon Sep 17 00:00:00 2001 From: Alvaro Neira Date: Wed, 26 Nov 2014 12:07:51 +0100 Subject: evaluate: reject: fix crash on NULL location with bridge and tcp reset If we use tcp reset with a network protocol that tcp is not supported, we display an error. This error use the reject.expr location which is NULL, therefore we have a crash. This patch replaces it using the reject statement to display the error like: Rule: nft add bridge filter input ether type vlan reject with tcp reset Output: :1:46-51: Error: cannot reject this ether type add rule bridge filter input ether type vlan reject with tcp reset ~~~~~~~~~~~~~~~ ^^^^^^ Signed-off-by: Alvaro Neira Ayuso Signed-off-by: Pablo Neira Ayuso --- src/evaluate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/evaluate.c') diff --git a/src/evaluate.c b/src/evaluate.c index 3eeb614c..00e55b7d 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1277,7 +1277,7 @@ static int stmt_evaluate_reject_bridge_family(struct eval_ctx *ctx, case __constant_htons(ETH_P_IPV6): break; default: - return stmt_binary_error(ctx, stmt->reject.expr, + return stmt_binary_error(ctx, stmt, &ctx->pctx.protocol[PROTO_BASE_NETWORK_HDR], "cannot reject this ether type"); } -- cgit v1.2.3