diff options
| author | Florian Westphal <fw@strlen.de> | 2023-11-19 13:05:55 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-11-21 15:55:56 +0100 |
| commit | f7e50d965735636ab932e5280a3d562629a6a58b (patch) | |
| tree | 8198c566f6751eae22952d37c7549b45bca93317 | |
| parent | 8cdc78eba7792fc6b228d89198b38730a077259a (diff) | |
evaluate: fix rule replacement with anon sets
commit 256904b1ded6314974dddc75726149f7b19d33f4 upstream.
nft replace rule t c handle 3 'jhash ip protocol . ip saddr mod 170 vmap { 0-94 : goto wan1, 95-169 : goto wan2, 170-269 }"'
BUG: unhandled op 2
nft: src/evaluate.c:1748: interval_set_eval: Assertion `0' failed.
Fixes: 81e36530fcac ("src: replace interval segment tree overlap and automerge")
Reported-by: Tino Reichardt <milky-netfilter@mcmilk.de>
Signed-off-by: Florian Westphal <fw@strlen.de>
| -rw-r--r-- | src/evaluate.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index fd7354e9..bc270416 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1571,6 +1571,7 @@ static int interval_set_eval(struct eval_ctx *ctx, struct set *set, switch (ctx->cmd->op) { case CMD_CREATE: case CMD_ADD: + case CMD_REPLACE: case CMD_INSERT: if (set->automerge) { ret = set_automerge(ctx->msgs, ctx->cmd, set, init, |