fw4: fix potential crashes when parsing invalid redirect sections

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/root/usr/share/ucode/fw4.uc b/root/usr/share/ucode/fw4.uc
index 66cc8f67f539d1993e028fc36591ea77faf3413f..91f472bafe00217099b7307c830dda505b829ef9 100644 (file)
--- a/root/usr/share/ucode/fw4.uc
+++ b/root/usr/share/ucode/fw4.uc
@@ -2425,16 +2425,16 @@ return {
 
                if (redir.target == "dnat") {
                        if (!redir.src)
-                               return this.warn_section(r, "has no source specified");
+                               return this.warn_section(data, "has no source specified");
                        else if (redir.src.any)
-                               return this.warn_section(r, "must not have source '*' for dnat target");
+                               return this.warn_section(data, "must not have source '*' for dnat target");
                        else if (redir.dest_ip && redir.dest_ip.invert)
-                               return this.warn_section(r, "must not specify a negated 'dest_ip' value");
+                               return this.warn_section(data, "must not specify a negated 'dest_ip' value");
                        else if (redir.dest_ip && length(filter(redir.dest_ip.addrs, a => a.bits == -1)))
                                return this.warn_section(data, "must not use non-contiguous masks in 'dest_ip'");
 
                        if (!redir.dest && redir.dest_ip && resolve_dest(redir))
-                               this.warn_section(r, "does not specify a destination, assuming '" + redir.dest.zone.name + "'");
+                               this.warn_section(data, "does not specify a destination, assuming '" + redir.dest.zone.name + "'");
 
                        if (!redir.dest_port)
                                redir.dest_port = redir.src_dport;