From 3d6cf7f355f80d8ca6c6378c4f399675360c0f8e Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Wed, 31 Mar 2021 01:26:19 +0200
Subject: netlink: don't crash when set elements are not evaluated as expected

define foo = 2001:db8:123::/48

table inet filter {
	set foo {
		typeof ip6 saddr
		elements = $foo
	}
}

gives crash.  This now exits with:

stdin:1:14-30: Error: Unexpected initial set type prefix
define foo = 2001:db8:123::/48
             ^^^^^^^^^^^^^^^^^

For literals, bison parser protects us, as it enforces
'elements = { 2001:... '.

For 'elements = $foo' we can't detect it at parsing stage as the '$foo'
symbol might as well evaluate to "{ 2001, ...}" (i.e. we can't do a
set element allocation).

So at least detect this from set instantiaton.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 src/netlink.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src/netlink.c')

diff --git a/src/netlink.c b/src/netlink.c
index 103fdbd1..97ae88c7 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -120,6 +120,9 @@ static struct nftnl_set_elem *alloc_nftnl_setelem(const struct expr *set,
 	} else {
 		elem = expr;
 	}
+	if (elem->etype != EXPR_SET_ELEM)
+		BUG("Unexpected expression type: got %d\n", elem->etype);
+
 	key = elem->key;
 
 	netlink_gen_data(key, &nld);
-- 
cgit v1.2.3