45 lines
1.2 KiB
Diff
45 lines
1.2 KiB
Diff
From 7df0b2f1a1c64e2bdc652fd2418b4f7218c93f1f Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <phil@nwl.cc>
|
|
Date: Wed, 13 Sep 2023 22:07:46 +0200
|
|
Subject: [PATCH] parser_json: Catch nonsense ops in match statement
|
|
|
|
Since expr_op_symbols array includes binary operators and more, simply
|
|
checking the given string matches any of the elements is not sufficient.
|
|
|
|
Fixes: 586ad210368b7 ("libnftables: Implement JSON parser")
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
---
|
|
src/parser_json.c | 13 +++++++++----
|
|
1 file changed, 9 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/src/parser_json.c b/src/parser_json.c
|
|
index eec73034..c4a09797 100644
|
|
--- a/src/parser_json.c
|
|
+++ b/src/parser_json.c
|
|
@@ -1725,13 +1725,18 @@ static struct stmt *json_parse_match_stmt(struct json_ctx *ctx,
|
|
!strcmp(opstr, expr_op_symbols[op]))
|
|
break;
|
|
}
|
|
- if (op == __OP_MAX) {
|
|
+ switch (op) {
|
|
+ case OP_EQ ... OP_NEG:
|
|
+ break;
|
|
+ case __OP_MAX:
|
|
if (!strcmp(opstr, "in")) {
|
|
op = OP_IMPLICIT;
|
|
- } else {
|
|
- json_error(ctx, "Unknown relational op '%s'.", opstr);
|
|
- return NULL;
|
|
+ break;
|
|
}
|
|
+ /* fall through */
|
|
+ default:
|
|
+ json_error(ctx, "Invalid relational op '%s'.", opstr);
|
|
+ return NULL;
|
|
}
|
|
|
|
left = json_parse_expr(ctx, jleft);
|
|
--
|
|
2.33.0
|
|
|