nftables/backport-evaluate-stmt_nat-set-reference-must-point-to-a-map.patch
lingsheng 862bf7d69a backport upstream patches
Signed-off-by: lingsheng <860373352@qq.com>
2024-04-19 09:02:24 +00:00


From 3eb0a73a9ee32897290d4097c0ec29377e25859e Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Wed, 13 Dec 2023 17:00:37 +0100
Subject: [PATCH] evaluate: stmt_nat: set reference must point to a map
nat_concat_map() requires a datamap, else we crash:
set->data is dereferenced.
Also update expr_evaluate_map() so that EXPR_SET_REF is checked there
too.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
src/evaluate.c | 9 +++++++++
.../bogons/nft-f/nat_stmt_with_set_instead_of_map | 10 ++++++++++
2 files changed, 19 insertions(+)
create mode 100644 tests/shell/testcases/bogons/nft-f/nat_stmt_with_set_instead_of_map
diff --git a/src/evaluate.c b/src/evaluate.c
index 1b3e8097..da382912 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2041,6 +2041,9 @@ static int expr_evaluate_map(struct eval_ctx *ctx, struct expr **expr)
break;
case EXPR_SET_REF:
/* symbol has been already evaluated to set reference */
+ if (!set_is_map(mappings->set->flags))
+ return expr_error(ctx->msgs, map->mappings,
+ "Expression is not a map");
break;
default:
BUG("invalid mapping expression %s\n",
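Review bot: The comment kept above the new `set_is_map()` check still reads as if the EXPR_SET_REF case cannot fail, which is no longer true once the flag test on `mappings->set->flags` can return an error. Extending it would save the next reader a trip to the commit message, e.g. `/* symbol already evaluated to a set reference; a plain set carries no map flag and its set->data would be NULL for map users, so reject it here */`. Note that this check accepts any map (data map or object map), while the sibling check added to nat_concat_map in the next hunk requires a data map; a short comment saying the stricter test is left to the caller would make the two easier to keep in step. expr_evaluate_map starts and ends outside this hunk, so I cannot see whether `map->mappings` and `mappings` refer to the same expression here; the error location looks consistent but is inferred from the hunk alone.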
@@ -3969,6 +3972,12 @@ static bool nat_concat_map(struct eval_ctx *ctx, struct stmt *stmt)
if (expr_evaluate(ctx, &stmt->nat.addr->mappings))
return false;
+ if (!set_is_datamap(stmt->nat.addr->mappings->set->flags)) {
+ expr_error(ctx->msgs, stmt->nat.addr->mappings,
+ "Expression is not a map");
+ return false;
+ }
+
if (stmt->nat.addr->mappings->set->data->etype == EXPR_CONCAT ||
stmt->nat.addr->mappings->set->data->dtype->subtypes) {
stmt->nat.type_flags |= STMT_NAT_F_CONCAT;
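Review bot: The error text added here is the same "Expression is not a map" used in expr_evaluate_map, but the predicate is stricter (`set_is_datamap()` rather than `set_is_map()`), so an object map reaching this point would be reported as not being a map at all, which is misleading for the user reading the diagnostic. A message that names the actual requirement would be clearer, e.g. `"Expression is not a data map"`, or keep the wording and add a comment such as `/* nat needs a data map: set->data is dereferenced below */` above the check. The new code dereferences `stmt->nat.addr->mappings->set` right after `expr_evaluate()`; I assume that call always leaves mappings as an EXPR_SET_REF on success (the previous hunk's comment suggests so), but if any other etype can survive, the `->set` read would be on the wrong union member, so that assumption is worth stating in the comment. nat_concat_map begins before this hunk and its remaining body continues past it.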
diff --git a/tests/shell/testcases/bogons/nft-f/nat_stmt_with_set_instead_of_map b/tests/shell/testcases/bogons/nft-f/nat_stmt_with_set_instead_of_map
new file mode 100644
index 00000000..b1302278
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-f/nat_stmt_with_set_instead_of_map
@@ -0,0 +1,10 @@
+table inet x {
+ set y {
+ type ipv4_addr
+ elements = { 2.2.2.2, 3.3.3.3 }
+ }
+
+ chain y {
+ snat ip to ip saddr map @y
+ }
+}
--
2.33.0