summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2018-10-01 14:51:24 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-10-03 12:19:35 +0200
commit95629758a5ec36313d839f8545fef0dc220408d8 (patch)
tree87d41f7f29438af6b5ca75731282c22d0dc57a2b /include
parent2e0ea44c99e466ea0bcb6aca5de95e2c7284f09c (diff)
segtree: bogus range via get set element on existing elements
table ip x { set y { type inet_service flags interval elements = { 10, 20-30, 40, 50-60 } } } # nft get element x y { 20-40 } table ip x { set y { type inet_service flags interval elements = { 20-40 } } } 20 and 40 exist in the tree, but they are part of different ranges. This patch adds a new get_set_decompose() function to validate that the left and the right side of the range. Reported-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/expression.h2
1 files changed, 1 insertions, 1 deletions
diff --git a/include/expression.h b/include/expression.h
index fb52abfe..d6977c3a 100644
--- a/include/expression.h
+++ b/include/expression.h
@@ -453,7 +453,7 @@ extern void interval_map_decompose(struct expr *set);
extern struct expr *get_set_intervals(const struct set *set,
const struct expr *init);
struct table;
-extern void get_set_decompose(struct table *table, struct set *set);
+extern int get_set_decompose(struct table *table, struct set *set);
extern struct expr *mapping_expr_alloc(const struct location *loc,
struct expr *from, struct expr *to);