[Bug 1490] New: incorrect handling of json_unpack return value in json_verify_metainfo
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Jan 14 19:25:10 CET 2021
https://bugzilla.netfilter.org/show_bug.cgi?id=1490
Bug ID: 1490
Summary: incorrect handling of json_unpack return value in
json_verify_metainfo
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: minor
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: niels at qacafe.com
According to the libjansson documenatation, json_unpack returns 0 on success
and -1 on failure:
https://jansson.readthedocs.io/en/latest/apiref.html#c.json_unpack
However, json_verify_metainfo in src/parser_json.c calls json_unpack but treats
a non-zero return value as a failure:
https://git.netfilter.org/nftables/tree/src/parser_json.c#n3748
The documentation indicates that the metainfo object can provided as input in
order to verify that nft supports a given JSON schema version:
https://git.netfilter.org/nftables/tree/doc/libnftables-json.adoc#n66
However, the bug makes it appear that nft supports *any* schema version. The
only way to make nft reject the schema version is to encode the
"json_schema_version" field as something other than an integer, which causes
json_verify_metainfo to compare the uninitialized local variable schema_version
against JSON_SCHEMA_VERSION, leading to a confusing error message:
# nft -jae '{"nftables": [{"metainfo": {"json_schema_version": 999}}]}'
{"nftables": [{"metainfo": {"json_schema_version": 999}}]}
# echo $?
0
# nft -jae '{"nftables": [{"metainfo": {"json_schema_version": "1"}}]}'
internal:0:0-0: Error: Schema version 31509440 not supported, maximum supported
version is 1
internal:0:0-0: Error: Metainfo verification failed.
# echo $?
1
Please let me know if I can provide any other information. I'm using nft
v0.9.6, but it looks to me like the bug still exists in master.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20210114/a1123def/attachment.html>
More information about the netfilter-buglog
mailing list