From 3503738f77cdbe521da1054a37f59ac2e442b4cf Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Mon, 6 Jun 2016 21:52:28 +0200
Subject: payload: don't update protocol context if we can't find a description

Since commit
20b1131c07acd2fc ("payload: fix stacked headers protocol context tracking")
we deref null pointer if we can't find a description for the desired
protocol, so "ip protocol 254" crashes while testing protocols 6 or 17
(tcp, udp) works.

Also add a test case for this.

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1072
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/py/ip/ip.t.payload.inet | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'tests/py/ip/ip.t.payload.inet')

diff --git a/tests/py/ip/ip.t.payload.inet b/tests/py/ip/ip.t.payload.inet
index ef4692e3..e495246e 100644
--- a/tests/py/ip/ip.t.payload.inet
+++ b/tests/py/ip/ip.t.payload.inet
@@ -268,6 +268,13 @@ inet test-inet input
   [ lookup reg 1 set __set%d ]
   [ immediate reg 0 accept ]
 
+# ip protocol 255
+ip test-ip4 input
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x000000ff ]
+
 # ip checksum 13172 drop
 inet test-inet input
   [ meta load nfproto => reg 1 ]
-- 
cgit v1.2.3