The key must be a set elem expression, but if a "regular" expression was
provided (which should be commonly accepted in case no set elem specific
properties are required), the resulting object tree crashed libnftables.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
src/parser_json.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/parser_json.c b/src/parser_json.c
index 432991fa152d4..864463f4f5a92 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -1186,7 +1186,7 @@ static struct expr *json_parse_expr(struct json_ctx *ctx, json_t *root)
{ "jump", json_parse_verdict_expr, CTX_F_RHS | CTX_F_SET_RHS },
{ "goto", json_parse_verdict_expr, CTX_F_RHS | CTX_F_SET_RHS },
{ "return", json_parse_verdict_expr, CTX_F_RHS | CTX_F_SET_RHS },
- { "elem", json_parse_set_elem_expr, CTX_F_RHS | CTX_F_STMT | CTX_F_PRIMARY },
+ { "elem", json_parse_set_elem_expr, CTX_F_RHS | CTX_F_STMT | CTX_F_PRIMARY | CTX_F_SES },
};
const char *type;
unsigned int i;
@@ -1992,7 +1992,7 @@ static struct stmt *json_parse_meter_stmt(struct json_ctx *ctx,
stmt->meter.name = xstrdup(name);
stmt->meter.size = size;
- stmt->meter.key = json_parse_expr(ctx, jkey);
+ stmt->meter.key = json_parse_set_elem_expr_stmt(ctx, jkey);
if (!stmt->meter.key) {
json_error(ctx, "Invalid meter key.");
stmt_free(stmt);
--
2.17.0
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
