On Wed, Dec 06, 2023 at 12:52:00PM +0100, Florian Westphal wrote: > tcp option 254 length ge 4 > > ... will segfault. > The crash bug is that tcpopt_expr_alloc() can return NULL if we cannot > find a suitable template for the requested kind + field combination, > so add the needed error handling in the bison parser. > > However, we can handle this. NOP and EOL have templates, all other > options (known or unknown) must also have a length field. > > So also add a fallback template to handle both kind and length, even > if only a numeric option is given that nft doesn't recognize. > > Don't bother with output, above will be printed via raw syntax, i.e. > tcp option @254,8,8 >= 4. Patch LGTM, please push it out. Thanks.
