From 805fe6f5c9c8f2af78d8e94bd6b5c33724df3c80 Mon Sep 17 00:00:00 2001

From: Phil Sutter <psutter@redhat.com>

Date: Tue, 18 May 2021 18:16:21 +0200

Subject: [PATCH] evaluate: Reject quoted strings containing only wildcard

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1818117

Upstream Status: nftables commit 032c9f745c6da

commit 032c9f745c6daab8c27176a95963b1c32b0a5d12

Author: Phil Sutter <phil@nwl.cc>

Date:   Thu Sep 24 17:38:45 2020 +0200

    evaluate: Reject quoted strings containing only wildcard

    Fix for an assertion fail when trying to match against an all-wildcard

    interface name:

    | % nft add rule t c iifname '"*"'

    | nft: expression.c:402: constant_expr_alloc: Assertion `(((len) + (8) - 1) / (8)) > 0' failed.

    | zsh: abort      nft add rule t c iifname '"*"'

    Fix this by detecting the string in expr_evaluate_string() and returning

    an error message:

    | % nft add rule t c iifname '"*"'

    | Error: All-wildcard strings are not supported

    | add rule t c iifname "*"

    |                      ^^^

    While being at it, drop the 'datalen >= 1' clause from the following

    conditional as together with the added check for 'datalen == 0', all

    possible other values have been caught already.

---

 src/evaluate.c | 7 +++++--

 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/evaluate.c b/src/evaluate.c

index a966ed4..0181750 100644

--- a/src/evaluate.c

+++ b/src/evaluate.c

@@ -321,8 +321,11 @@ static int expr_evaluate_string(struct eval_ctx *ctx, struct expr **exprp)

 		return 0;

 	}

-	if (datalen >= 1 &&

-	    data[datalen - 1] == '\\') {

+	if (datalen == 0)

+		return expr_error(ctx->msgs, expr,

+				  "All-wildcard strings are not supported");

+

+	if (data[datalen - 1] == '\\') {

 		char unescaped_str[data_len];

 		memset(unescaped_str, 0, sizeof(unescaped_str));

-- 

2.31.1