Included bogo will cause a crash but this is the evaluation
stage where we can just emit an error instead.
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
I wonder if we should just replace all BUGs in evaluate.c
with expr_error() calls, it avoids constant whack-a-mole.
src/evaluate.c | 3 ++-
.../bogons/nft-f/invalid_basetype_verdict_assert | 11 +++++++++++
2 files changed, 13 insertions(+), 1 deletion(-)
create mode 100644 tests/shell/testcases/bogons/nft-f/invalid_basetype_verdict_assert
diff --git a/src/evaluate.c b/src/evaluate.c
index 9c7f23cb080e..de054f82d55f 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -482,7 +482,8 @@ static int expr_evaluate_value(struct eval_ctx *ctx, struct expr **expr)
return -1;
break;
default:
- BUG("invalid basetype %s\n", expr_basetype(*expr)->name);
+ return expr_error(ctx->msgs, *expr, "Unexpected basetype %s",
+ expr_basetype(*expr)->name);
}
return 0;
}
diff --git a/tests/shell/testcases/bogons/nft-f/invalid_basetype_verdict_assert b/tests/shell/testcases/bogons/nft-f/invalid_basetype_verdict_assert
new file mode 100644
index 000000000000..f85ce7fe342c
--- /dev/null
+++ b/tests/shell/testcases/bogons/nft-f/invalid_basetype_verdict_assert
@@ -0,0 +1,11 @@
+table ip t {
+ map m {
+ type ipv4_addr . inet_service : ipv4_addr . verdict
+ elements = { 10.0.0.1 . 42 : 10.1.1.1 . 0 }
+ }
+
+ chain c {
+ type nat hook prerouting priority dstnat; policy accept;
+ dnat ip to ip saddr . tcp dport map @m
+ }
+}
--
2.49.0
