[nft] fix integer type size to be used as a key for sets and maps
diff mbox series

Message ID 20180302163402.667dvgzsaq4rts6v@nevthink
State Changes Requested
Delegated to: Pablo Neira
Headers show
Series
  • [nft] fix integer type size to be used as a key for sets and maps
Related show

Commit Message

Laura Garcia March 2, 2018, 4:34 p.m. UTC
Includes the size of the type integer in order to be used
as a key in a map or set.

Without this patch we obtain the following error:

Error: unqualified key type integer specified in map definition
add map nftlb mapa { type integer : ipv4_addr; timeout 5s; }
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

After this patch, we can use an integer as a key for sets
and maps:

table ip nftlb {
	map mapa {
		type integer : ipv4_addr
	}

	set conjunto {
		type integer
	}
}

Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
---
 src/datatype.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Phil Sutter March 2, 2018, 5:58 p.m. UTC | #1
Hi Laura,

On Fri, Mar 02, 2018 at 05:34:02PM +0100, Laura Garcia Liebana wrote:
[...]
> diff --git a/src/datatype.c b/src/datatype.c
> index 324ac80..06015bb 100644
> --- a/src/datatype.c
> +++ b/src/datatype.c
> @@ -356,6 +356,7 @@ const struct datatype integer_type = {
>  	.type		= TYPE_INTEGER,
>  	.name		= "integer",
>  	.desc		= "integer",
> +	.size		= 4 * BITS_PER_BYTE,
>  	.print		= integer_type_print,
>  	.parse		= integer_type_parse,
>  };

I'm not sure this is going to work: integer_type is used as basetype for
many others, and there is at least lladdr_type which doesn't define a
size on it's own (and is larger than four bytes). Are you sure this
won't cause unexpected side-effects (like, e.g. lookups in sets
containing lladdr_type entries returning false-positives)?

Cheers, Phil
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Laura Garcia March 2, 2018, 7:04 p.m. UTC | #2
On Fri, Mar 02, 2018 at 06:58:44PM +0100, Phil Sutter wrote:
> Hi Laura,
> 
> On Fri, Mar 02, 2018 at 05:34:02PM +0100, Laura Garcia Liebana wrote:
> [...]
> > diff --git a/src/datatype.c b/src/datatype.c
> > index 324ac80..06015bb 100644
> > --- a/src/datatype.c
> > +++ b/src/datatype.c
> > @@ -356,6 +356,7 @@ const struct datatype integer_type = {
> >  	.type		= TYPE_INTEGER,
> >  	.name		= "integer",
> >  	.desc		= "integer",
> > +	.size		= 4 * BITS_PER_BYTE,
> >  	.print		= integer_type_print,
> >  	.parse		= integer_type_parse,
> >  };
> 
> I'm not sure this is going to work: integer_type is used as basetype for
> many others, and there is at least lladdr_type which doesn't define a
> size on it's own (and is larger than four bytes). Are you sure this
> won't cause unexpected side-effects (like, e.g. lookups in sets
> containing lladdr_type entries returning false-positives)?

It seems that this issue requires a more elaborated fix. I'll check
it out.

Thanks Phil.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch
diff mbox series

diff --git a/src/datatype.c b/src/datatype.c
index 324ac80..06015bb 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -356,6 +356,7 @@  const struct datatype integer_type = {
 	.type		= TYPE_INTEGER,
 	.name		= "integer",
 	.desc		= "integer",
+	.size		= 4 * BITS_PER_BYTE,
 	.print		= integer_type_print,
 	.parse		= integer_type_parse,
 };