* [PATCH nft] parser_json: fix assert due to empty interface name
@ 2025-07-21 11:36 Florian Westphal
From: Florian Westphal @ 2025-07-21 11:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: Florian Westphal
Before:
nft: src/mnl.c:744: nft_dev_add: Assertion `ifname_len > 0' failed.
After:
internal:0:0-0: Error: empty interface name
The bison parser checks this upfront; do the same in the JSON parser.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
src/parser_json.c | 34 +++++++++++++------
.../mnl_nft_dev_add_ifname_len_0_assert | 19 +++++++++++
2 files changed, 42 insertions(+), 11 deletions(-)
create mode 100644 tests/shell/testcases/bogons/nft-j-f/mnl_nft_dev_add_ifname_len_0_assert
diff --git a/src/parser_json.c b/src/parser_json.c
index a6f142c68756..be0de69837d8 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -2959,6 +2959,25 @@ static struct expr *parse_policy(const char *policy)
sizeof(int) * BITS_PER_BYTE, &policy_num);
}
+static struct expr *ifname_expr_alloc(struct json_ctx *ctx,
+ const char *name)
+{
+ size_t length = strlen(name);
+
+ if (length == 0) {
+ json_error(ctx, "empty interface name");
+ return NULL;
+ }
+
+ if (length >= IFNAMSIZ) {
+ json_error(ctx, "Device name %s too long", name);
+ return NULL;
+ }
+
+ return constant_expr_alloc(int_loc, &ifname_type, BYTEORDER_HOST_ENDIAN,
+ length * BITS_PER_BYTE, name);
+}
+
static struct expr *json_parse_devs(struct json_ctx *ctx, json_t *root)
{
struct expr *tmp, *expr = compound_expr_alloc(int_loc, EXPR_LIST);
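Review bot: ifname_expr_alloc() carries no comment stating its contract, so the reason for the lower bound lives only in the commit message. A one-line header would keep it with the code, for example `/* Reject empty names (nft_dev_add() asserts ifname_len > 0) and names of IFNAMSIZ bytes or more; reports via json_error() and returns NULL. */`. Separately, the "too long" branch prints the rejected name with an unbounded `%s`, so an oversized string taken from the JSON input is echoed in full; `json_error(ctx, "Device name %.*s too long", IFNAMSIZ, name);` would cap what is printed. The parse_policy() tail and the json_parse_devs() head shown around the helper belong to bodies that continue outside this hunk.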
@@ -2967,15 +2986,12 @@ static struct expr *json_parse_devs(struct json_ctx *ctx, json_t *root)
size_t index;
if (!json_unpack(root, "s", &dev)) {
- if (strlen(dev) >= IFNAMSIZ) {
- json_error(ctx, "Device name %s too long", dev);
+ tmp = ifname_expr_alloc(ctx, dev);
+ if (!tmp) {
expr_free(expr);
return NULL;
}
- tmp = constant_expr_alloc(int_loc, &ifname_type,
- BYTEORDER_HOST_ENDIAN,
- strlen(dev) * BITS_PER_BYTE, dev);
compound_expr_add(expr, tmp);
return expr;
}
@@ -2992,15 +3008,11 @@ static struct expr *json_parse_devs(struct json_ctx *ctx, json_t *root)
return NULL;
}
- if (strlen(dev) >= IFNAMSIZ) {
- json_error(ctx, "Device name %s too long at index %zu", dev, index);
+ tmp = ifname_expr_alloc(ctx, dev);
+ if (!tmp) {
expr_free(expr);
return NULL;
}
-
- tmp = constant_expr_alloc(int_loc, &ifname_type,
- BYTEORDER_HOST_ENDIAN,
- strlen(dev) * BITS_PER_BYTE, dev);
compound_expr_add(expr, tmp);
}
return expr;
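Review bot: The array path no longer reports which element was rejected: the removed call was `json_error(ctx, "Device name %s too long at index %zu", dev, index);`, while ifname_expr_alloc() prints only the name, and for the new empty-name error there is nothing left to identify the entry. If a second json_error() after the helper's failure is acceptable in this parser (not visible here), the `!tmp` branch could add `json_error(ctx, "invalid device at index %zu", index);` (message text constructed for illustration); otherwise the index would have to be passed into the helper. The loop and the rest of json_parse_devs() start outside this hunk.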
diff --git a/tests/shell/testcases/bogons/nft-j-f/mnl_nft_dev_add_ifname_len_0_assert b/tests/shell/testcases/bogons/nft-j-f/mnl_nft_dev_add_ifname_len_0_assert
new file mode 100644
index 000000000000..3be394c1fee8
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-j-f/mnl_nft_dev_add_ifname_len_0_assert
@@ -0,0 +1,19 @@
+{
+ "nftables": [
+ {
+ "table": { "family": "netdev", "name": "test", "ha": 0,
+ "flags": "dormant" } },
+{
+ "chain": {
+ "family": "netdev",
+ "table": "test",
+"name": "ingress",
+ "le": 0,
+"dev": "", "ha": 0,
+ "flags": "dormy1", "type": "fi",
+ "hook": "ingress",
+ "prio": 0, "policy": "drop"
+ }
+ }
+ ]
+}
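Review bot: This reproducer covers only the string form `"dev": ""`, which is the first json_unpack() branch in json_parse_devs(); the array branch, which now also goes through ifname_expr_alloc(), has no input here. A second bogon using the same chain with `"dev": [""]` (constructed example) would presumably pin the loop path against the same assertion.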
--
2.49.1