fw4: prevent null access when no ipsets are defined

When rules are configured which reference ipsets and no ipsets are declared
at all, fw4 crashed with a null reference exception while validating the
rule.

Solve the issue by using the optional chaining operator on the potentially
null filter result.

Ref: https://forum.openwrt.org/t/x/144176
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/root/usr/share/ucode/fw4.uc b/root/usr/share/ucode/fw4.uc
index 47e86cd7dd2a0f87caeccde51710330199905fd3..5dce90dd09c2657f8fcc6dda0dfddb4f4ad13f91 100644 (file)
--- a/root/usr/share/ucode/fw4.uc
+++ b/root/usr/share/ucode/fw4.uc
@@ -2305,7 +2305,7 @@ return {
                let ipset;
 
                if (rule.ipset) {
-                       ipset = filter(this.state.ipsets, s => (s.name == rule.ipset.name))[0];
+                       ipset = filter(this.state.ipsets, s => (s.name == rule.ipset.name))?.[0];
 
                        if (!ipset) {
                                this.warn_section(data, `references unknown set '${rule.ipset.name}'`);
@@ -2605,7 +2605,7 @@ return {
                let ipset;
 
                if (redir.ipset) {
-                       ipset = filter(this.state.ipsets, s => (s.name == redir.ipset.name))[0];
+                       ipset = filter(this.state.ipsets, s => (s.name == redir.ipset.name))?.[0];
 
                        if (!ipset) {
                                this.warn_section(data, `references unknown set '${redir.ipset.name}'`);