Message ID | 20230323165855.559837-6-pablo@netfilter.org |
---|---|
State | Accepted |
Delegated to: | Pablo Neira |
Headers | show |
Series | mark statement support for non-constant expression | expand |
On Thu, Mar 23, 2023 at 05:58:48PM +0100, Pablo Neira Ayuso wrote: > Otherwise expr_evaluate_value() fails with invalid datatype: > > # nft --debug=netlink add rule ip x y 'ct mark set ip dscp & 0x0f << 1' > BUG: invalid basetype invalid > nft: evaluate.c:440: expr_evaluate_value: Assertion `0' failed. > > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > --- > src/evaluate.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/src/evaluate.c b/src/evaluate.c > index 33b1aad72f66..1ee9bdc5aa47 100644 > --- a/src/evaluate.c > +++ b/src/evaluate.c > @@ -1308,6 +1308,7 @@ static int expr_evaluate_shift(struct eval_ctx *ctx, struct expr **expr) > if (byteorder_conversion(ctx, &op->right, BYTEORDER_HOST_ENDIAN) < 0) > return -1; > > + op->dtype = &integer_type; I have updated this patch to use: datatype_set(op, &integer_type); before pushing out this batch. otherwise, datatype leak is possible. > op->byteorder = BYTEORDER_HOST_ENDIAN; > op->len = max_shift_len; > > -- > 2.30.2 >
diff --git a/src/evaluate.c b/src/evaluate.c index 33b1aad72f66..1ee9bdc5aa47 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1308,6 +1308,7 @@ static int expr_evaluate_shift(struct eval_ctx *ctx, struct expr **expr) if (byteorder_conversion(ctx, &op->right, BYTEORDER_HOST_ENDIAN) < 0) return -1; + op->dtype = &integer_type; op->byteorder = BYTEORDER_HOST_ENDIAN; op->len = max_shift_len;
Otherwise expr_evaluate_value() fails with invalid datatype: # nft --debug=netlink add rule ip x y 'ct mark set ip dscp & 0x0f << 1' BUG: invalid basetype invalid nft: evaluate.c:440: expr_evaluate_value: Assertion `0' failed. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- src/evaluate.c | 1 + 1 file changed, 1 insertion(+)