From 98593d384397578b7ad1d0f6cbbda1e2f560ffc2 Mon Sep 17 00:00:00 2001
From: Vadim Kurland
Date: Thu, 7 Jul 2011 18:58:46 -0700
Subject: [PATCH] see #2191 "Crash when compiling a route with table object". Compiler for PF crashed when run-time AddressTable object was used in RDst of a routing rule.
---
 doc/ChangeLog | 5 +++
 .../src/fwcompiler/RoutingCompiler.cpp | 33 +++++++++++++++++++
 .../src/fwcompiler/RoutingCompiler.h | 20 +++++++++++
 src/pflib/RoutingCompiler_openbsd.cpp | 3 ++
 4 files changed, 61 insertions(+)
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 22a0711b2..c4e5b0e00 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,5 +1,10 @@
 2011-07-07 Vadim Kurland
+ * RoutingCompiler.cpp (processNext): see #2191 "Crash when
+ compiling a route with table object". Compiler for PF crashed
+ when run-time AddressTable object was used in RDst of a routing
+ rule.
+
 * PFImporter.cpp (makeAddressObj): see #2546 "PF import - negation inside of inline tables is ignored". Since we can not import address lists or tables that contain a mix of negated and
diff --git a/src/libfwbuilder/src/fwcompiler/RoutingCompiler.cpp b/src/libfwbuilder/src/fwcompiler/RoutingCompiler.cpp
index d739fcb77..9c78ecbbf 100644
--- a/src/libfwbuilder/src/fwcompiler/RoutingCompiler.cpp
+++ b/src/libfwbuilder/src/fwcompiler/RoutingCompiler.cpp
@@ -32,6 +32,7 @@
 #include "RoutingCompiler.h"
+#include "fwbuilder/AddressTable.h"
 #include "fwbuilder/AddressRange.h"
 #include "fwbuilder/RuleElement.h"
 #include "fwbuilder/Network.h"
@@ -53,6 +54,7 @@
 #include "fwbuilder/XMLTools.h"
 #include "fwbuilder/FWException.h"
 #include "fwbuilder/Group.h"
+#include "fwbuilder/MultiAddress.h"
 #include
 #include
@@ -831,4 +833,35 @@ bool RoutingCompiler::createSortedDstIdsLabel::processNext()
 return true;
 }
+/*
+ * This is identical to
+ * PolicyCompiler_ipf::processMultiAddressObjectsInRE::processNext()
+ * TODO: move the code to the class Compiler so it can be reused.
+ */
+bool RoutingCompiler::processMultiAddressObjectsInRE::processNext()
+{
+ RoutingRule *rule = getNext(); if (rule==NULL) return false;
+ RuleElement *re = RuleElement::cast( rule->getFirstByType(re_type) );
+
+ for (FWObject::iterator i=re->begin(); i!=re->end(); i++)
+ {
+ FWObject *o= *i;
+ if (FWReference::cast(o)!=NULL) o=FWReference::cast(o)->getPointer();
+ MultiAddressRunTime *atrt = MultiAddressRunTime::cast(o);
+ if (atrt!=NULL && atrt->getSubstitutionTypeName()==AddressTable::TYPENAME)
+ compiler->abort(
+ rule,
+ "Run-time AddressTable objects are not supported.");
+
+ AddressTable *at = AddressTable::cast(o);
+ if (at && at->isRunTime())
+ compiler->abort(
+ rule,
+ "Run-time AddressTable objects are not supported.");
+ }
+
+ tmp_queue.push_back(rule);
+ return true;
+}
+
diff --git a/src/libfwbuilder/src/fwcompiler/RoutingCompiler.h b/src/libfwbuilder/src/fwcompiler/RoutingCompiler.h
index cc546fb16..dbbf237bf 100644
--- a/src/libfwbuilder/src/fwcompiler/RoutingCompiler.h
+++ b/src/libfwbuilder/src/fwcompiler/RoutingCompiler.h
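Review bot: `re` is dereferenced at `re->begin()` straight after `RuleElement::cast( rule->getFirstByType(re_type) )` with no null check, so a rule that lacks the element named by `re_type` (or a failed cast) would crash inside the very processor added to stop a crash; a guard such as `if (re==NULL) { tmp_queue.push_back(rule); return true; }` before the loop keeps the rule flowing through the chain like the other processors. The two abort branches raise the same message for what the code treats as two representations of one thing (a MultiAddressRunTime whose substitution type is AddressTable, and an AddressTable with `isRunTime()`); folding them into one condition and naming the offending object in the message (presumably `o->getName()` is available on FWObject, verify) would give the user something to act on instead of a bare "not supported". If `compiler->abort()` can return in a non-fatal mode (not visible here), the loop continues and the rule is still queued, which looks intended but is worth a one-line comment. The header comment's own TODO acknowledges this duplicates PolicyCompiler_ipf; leaving two copies means any later fix to the null-check above has to be made twice.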
@@ -230,6 +230,26 @@ namespace fwcompiler
 };
 friend class RoutingCompiler::classifyRoutingRules;
+ /**
+ * Placeholders for MultiAddressRunTime objects
+ */
+ class processMultiAddressObjectsInRE : public RoutingRuleProcessor
+ {
+ std::string re_type;
+ public:
+ processMultiAddressObjectsInRE(const std::string &name,
+ const std::string &t) : RoutingRuleProcessor(name) { re_type=t; }
+ virtual bool processNext();
+ };
+
+ class processMultiAddressObjectsInRDst : public processMultiAddressObjectsInRE
+ {
+ public:
+ processMultiAddressObjectsInRDst(const std::string &n) :
+ processMultiAddressObjectsInRE(
+ n, libfwbuilder::RuleElementRDst::TYPENAME) {}
+ };
+
 /**
 * detects if rules r1 and r2 are identical (that is, have the
 * same effect, rather than use the same objects)
diff --git a/src/pflib/RoutingCompiler_openbsd.cpp b/src/pflib/RoutingCompiler_openbsd.cpp
index 95650b5aa..36624b253 100644
--- a/src/pflib/RoutingCompiler_openbsd.cpp
+++ b/src/pflib/RoutingCompiler_openbsd.cpp
@@ -207,6 +207,9 @@ void RoutingCompiler_openbsd::compile()
 add(new addressRangesInDst("process address ranges"));
+ add( new processMultiAddressObjectsInRDst(
+ "process MultiAddress objects in RDst") );
+
 //add(new eliminateDuplicatesInDST("Eliminate duplicates in DST"));
 add(new FindDefaultRoute("Find rules that install default route"));
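Review bot: The doc comment `Placeholders for MultiAddressRunTime objects` on `processMultiAddressObjectsInRE` describes what the PolicyCompiler_ipf counterpart presumably does, not this class: the implementation in RoutingCompiler.cpp in this same patch aborts compilation on run-time AddressTable objects and inserts no placeholder. A reader of the header alone would expect substitution to happen, so the comment should say `/** Aborts compilation if rule element re_type references a run-time AddressTable object; routing rules cannot use them. */`. The constructor assigns `re_type=t;` in the body where an initializer list is the idiom, `: RoutingRuleProcessor(name), re_type(t) {}`, and `processMultiAddressObjectsInRDst` could document in one line that it is the RDst specialisation so the two classes read together.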
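Review bot: The new processor is registered only in `RoutingCompiler_openbsd::compile()`, yet the check itself lives in the platform-neutral RoutingCompiler, which suggests other platform routing compilers that accept an RDst (not visible in this diff) could still take the same crash path on the same input. It would be worth either wiring the processor into those chains or stating in the header that only PF rejects run-time tables. Placing it after `addressRangesInDst` looks reasonable since range expansion does not touch table objects, but a short comment on the `add(...)` line recording why it sits at this point in the chain would save the next reader from re-deriving the ordering. `RoutingCompiler_openbsd::compile()` continues outside the hunk.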