From 65f537147234dd91edae8deb039723937aca94bd Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Fri, 18 Jun 2021 13:13:51 +0200 Subject: [PATCH] nftables-0.9.8-6.el9 - json: init parser state for every new buffer/file Resolves: rhbz#1973630 --- ...rser-state-for-every-new-buffer-file.patch | 38 +++++++++++++++++++ nftables.spec | 8 +++- 2 files changed, 44 insertions(+), 2 deletions(-) create mode 100644 0015-json-init-parser-state-for-every-new-buffer-file.patch diff --git a/0015-json-init-parser-state-for-every-new-buffer-file.patch b/0015-json-init-parser-state-for-every-new-buffer-file.patch new file mode 100644 index 0000000..16a0630 --- /dev/null +++ b/0015-json-init-parser-state-for-every-new-buffer-file.patch @@ -0,0 +1,38 @@ +From 27f931c935f27a00fe0ecbe8c4bcb3be6ba41096 Mon Sep 17 00:00:00 2001 +From: Eric Garver +Date: Fri, 19 Feb 2021 10:11:26 -0500 +Subject: [PATCH] json: init parser state for every new buffer/file + +Otherwise invalid error states cause subsequent json parsing to fail +when it should not. + +Signed-off-by: Eric Garver +Signed-off-by: Phil Sutter +(cherry picked from commit 267338ec392346ef55ed51509e5f8e8354d6c19a) +--- + src/parser_json.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/parser_json.c b/src/parser_json.c +index 85d05ce27eef3..9bba77dad5f0d 100644 +--- a/src/parser_json.c ++++ b/src/parser_json.c +@@ -3893,6 +3893,7 @@ int nft_parse_json_buffer(struct nft_ctx *nft, const char *buf, + }; + int ret; + ++ parser_init(nft, nft->state, msgs, cmds, nft->top_scope); + nft->json_root = json_loads(buf, 0, NULL); + if (!nft->json_root) + return -EINVAL; +@@ -3921,6 +3922,7 @@ int nft_parse_json_filename(struct nft_ctx *nft, const char *filename, + json_error_t err; + int ret; + ++ parser_init(nft, nft->state, msgs, cmds, nft->top_scope); + nft->json_root = json_load_file(filename, 0, &err); + if (!nft->json_root) + return -EINVAL; +-- +2.31.1 + diff --git a/nftables.spec b/nftables.spec index fa46b84..560f7a6 100644 --- a/nftables.spec +++ b/nftables.spec @@ -1,6 +1,6 @@ Name: nftables Version: 0.9.8 -Release: 5%{?dist} +Release: 6%{?dist} # Upstream released a 0.100 version, then 0.4. Need Epoch to get back on track. Epoch: 1 Summary: Netfilter Tables userspace utillites @@ -27,7 +27,8 @@ Patch10: 0010-netlink-Avoid-memleak-in-error-path-of-netlink_delin.patch Patch11: 0011-netlink-Avoid-memleak-in-error-path-of-netlink_delin.patch Patch12: 0012-netlink_delinearize-Fix-suspicious-calloc-call.patch Patch13: 0013-rule-Fix-for-potential-off-by-one-in-cmd_add_loc.patch -patch14: 0014-src-add-xzalloc_array-and-use-it-to-allocate-the-exp.patch +Patch14: 0014-src-add-xzalloc_array-and-use-it-to-allocate-the-exp.patch +Patch15: 0015-json-init-parser-state-for-every-new-buffer-file.patch #BuildRequires: autogen #BuildRequires: autoconf @@ -137,6 +138,9 @@ sed -i -e 's/\(sofile=\)".*"/\1"'$sofile'"/' \ %{python3_sitelib}/nftables/ %changelog +* Fri Jun 18 2021 Phil Sutter - 1:0.9.8-6 +- json: init parser state for every new buffer/file + * Tue Jun 15 2021 Phil Sutter - 1:0.9.8-5 - src: add xzalloc_array() and use it to allocate the expression hashtable