From patchwork Wed May 28 09:47:34 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Alvaro Neira <alvaroneay@gmail.com>
X-Patchwork-Id: 353315
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id BDD5E1400A3
	for <incoming@patchwork.ozlabs.org>;
	Wed, 28 May 2014 19:48:20 +1000 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751362AbaE1JsT (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Wed, 28 May 2014 05:48:19 -0400
Received: from mail-wg0-f49.google.com ([74.125.82.49]:36066 "EHLO
	mail-wg0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751001AbaE1JsS (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Wed, 28 May 2014 05:48:18 -0400
Received: by mail-wg0-f49.google.com with SMTP id m15so10970996wgh.32
	for <netfilter-devel@vger.kernel.org>;
	Wed, 28 May 2014 02:48:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20120113;
	h=from:to:subject:date:message-id:in-reply-to:references:mime-version
	:content-type:content-transfer-encoding;
	bh=Xb07JiC/nkWu4S3Roz4BhjeXhhHS7z9Vy0epxb8nDFc=;
	b=tFYbte/7FhVeszNRmjqVuEtBqomr7qWa9KwKzvd0nWca+cmWcTYZXXouKU5F2jMWvu
	b1F632qmSdYdQUm/CGAJ7oBsjcKk6b6ZHndgJXY9E3Spgq42Mu7Ok0a7lC/GonxevHb4
	7gowVkQG3HNL/SHmeq7RoQWIAuUO0WlpO5EQ0QugnD0Gvu9Byx8aHj5fTSK+FVc8xrAU
	uvxeYrrWexPNF2yklP6+Ud3K/nxcg3pX9s5ifBL68quCsIeBRs1sEFacEOcn64i8/t2q
	mCU8yGvZZntpoRN4on7I2jIvZGoP009tIgySqjrgVMb/Gu1PZYXBqDcAq833V5iDAsez
	sheQ==
X-Received: by 10.180.211.106 with SMTP id nb10mr47096784wic.9.1401270497281;
	Wed, 28 May 2014 02:48:17 -0700 (PDT)
Received: from localhost.localdomain (186.169.216.87.static.jazztel.es.
	[87.216.169.186]) by mx.google.com with ESMTPSA id
	q2sm15487867wix.5.2014.05.28.02.48.16
	for <netfilter-devel@vger.kernel.org>
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Wed, 28 May 2014 02:48:16 -0700 (PDT)
From: Alvaro Neira Ayuso <alvaroneay@gmail.com>
To: netfilter-devel@vger.kernel.org
Subject: [nftables PATCH v2] payload: Relax assert in function
	payload_expr_pctx_update
Date: Wed, 28 May 2014 11:47:34 +0200
Message-Id: <1401270454-11669-1-git-send-email-alvaroneay@gmail.com>
X-Mailer: git-send-email 1.7.10.4
In-Reply-To: <1401203097-26180-1-git-send-email-alvaroneay@gmail.com>
References: <1401203097-26180-1-git-send-email-alvaroneay@gmail.com>
MIME-Version: 1.0
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

From: Álvaro Neira Ayuso <alvaroneay@gmail.com>

If we add this rule:

sudo nft add rule ip test input ip protocol != icmp

and we try to list the rules in the table test, nftables
show this error:

nft: src/payload.c:76: payload_expr_pctx_update: Assertion `expr->op
== OP_EQ' failed.

This patch relaxes this assert adding another clause like
the expr operation can be non equal, not only equal.

Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
---
[changes in v2]
* I have rewritten the title and the description of this patch

 src/payload.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/payload.c b/src/payload.c
index a1785a5..b9ad6f7 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -73,7 +73,7 @@ static void payload_expr_pctx_update(struct proto_ctx *ctx,
 	if (!(left->flags & EXPR_F_PROTOCOL))
 		return;
 
-	assert(expr->op == OP_EQ);
+	assert(expr->op == OP_EQ || expr->op == OP_NEQ);
 	base = ctx->protocol[left->payload.base].desc;
 	desc = proto_find_upper(base, mpz_get_uint32(right->value));