44 lines
1.4 KiB
Diff
44 lines
1.4 KiB
Diff
From 4dbfa17097512b6b88805299223f93e90a072ea6 Mon Sep 17 00:00:00 2001
|
|
From: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Date: Wed, 12 Oct 2022 12:50:26 +0200
|
|
Subject: [PATCH] netlink_delinearize: do not transfer binary operation to
|
|
non-anonymous sets
|
|
|
|
Michael Braun says:
|
|
|
|
This results for nft list ruleset in
|
|
nft: netlink_delinearize.c:1945: binop_adjust_one: Assertion `value->len >= binop->right->len' failed.
|
|
|
|
This is due to binop_adjust_one setting value->len to left->len, which
|
|
is shorther than right->len.
|
|
|
|
Additionally, it does not seem correct to alter set elements from parsing a
|
|
rule, so remove that part all together.
|
|
|
|
Conflict: Remove supplementary test cases
|
|
Reference: https://git.netfilter.org/nftables/commit?id=4dbfa17097512b6b88805299223f93e90a072ea6
|
|
|
|
Reported-by: Michael Braun <michael-dev@fami-braun.de>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
---
|
|
src/netlink_delinearize.c | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
|
|
index 55bd0fd..ae6858d 100644
|
|
--- a/src/netlink_delinearize.c
|
|
+++ b/src/netlink_delinearize.c
|
|
@@ -2210,6 +2210,9 @@ static void __binop_adjust(const struct expr *binop, struct expr *right,
|
|
binop_adjust_one(binop, right, shift);
|
|
break;
|
|
case EXPR_SET_REF:
|
|
+ if (!set_is_anonymous(right->set->flags))
|
|
+ break;
|
|
+
|
|
list_for_each_entry(i, &right->set->init->expressions, list) {
|
|
switch (i->key->etype) {
|
|
case EXPR_VALUE:
|
|
--
|
|
2.33.0
|
|
|