| Message ID | 20250508142907.4871-1-fw@strlen.de |
|---|---|
| State | Accepted, archived |
| Headers | show |
| Series | [nft] src: netlink: fix crash when ops doesn't support udata | expand |
On Thu, May 08, 2025 at 04:29:04PM +0200, Florian Westphal wrote: > Whenever a new version adds udata support to an expression, then old > versions of nft will crash when trying to list such a ruleset generated > by a more recent version of nftables. > > Fix this by falling back to 'type' format. Fixes: 6e48df5329ea ('src: add "typeof" build/parse/print support') > Signed-off-by: Florian Westphal <fw@strlen.de> Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org> Thanks. > --- > src/netlink.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/netlink.c b/src/netlink.c > index 25ee3419772b..5825a68d03bc 100644 > --- a/src/netlink.c > +++ b/src/netlink.c > @@ -913,7 +913,7 @@ static struct expr *set_make_key(const struct nftnl_udata *attr) > > etype = nftnl_udata_get_u32(ud[NFTNL_UDATA_SET_TYPEOF_EXPR]); > ops = expr_ops_by_type_u32(etype); > - if (!ops) > + if (!ops || !ops->parse_udata) > return NULL; > > expr = ops->parse_udata(ud[NFTNL_UDATA_SET_TYPEOF_DATA]); > -- > 2.49.0 > >
diff --git a/src/netlink.c b/src/netlink.c index 25ee3419772b..5825a68d03bc 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -913,7 +913,7 @@ static struct expr *set_make_key(const struct nftnl_udata *attr) etype = nftnl_udata_get_u32(ud[NFTNL_UDATA_SET_TYPEOF_EXPR]); ops = expr_ops_by_type_u32(etype); - if (!ops) + if (!ops || !ops->parse_udata) return NULL; expr = ops->parse_udata(ud[NFTNL_UDATA_SET_TYPEOF_DATA]);
Whenever a new version adds udata support to an expression, then old versions of nft will crash when trying to list such a ruleset generated by a more recent version of nftables. Fix this by falling back to 'type' format. Signed-off-by: Florian Westphal <fw@strlen.de> --- src/netlink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)