rule: never merge across non-expression statements

The existing logic can merge across non-expression statements, if there is only one payload expression. Example: ether saddr 00:11:22:33:44:55 counter ether type 8021q is turned into counter ether saddr 00:11:22:33:44:55 ether type 8021q which isn't the same thing. Fix this up and add test cases for adjacent vlan and ip header fields. 'Counter' serves as a non-merge fence. Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2023-09-28 23:27:55 +0200
committer: Florian Westphal <fw@strlen.de> 2023-09-29 12:36:33 +0200
commit: 99ab1b8feb16741a83fb8b887bacae8fa07d29a2 (patch)
tree: c8b67d32aa10bac630c3a873b8128af873bf4e45 /src/rule.c
parent: 15a7d710dc892c0e68f118ca3e6106c84b30a83b (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/src/rule.c b/src/rule.c
index 52c0672d..739b7a54 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -2744,10 +2744,8 @@ static void stmt_reduce(const struct rule *rule)
 
 		/* Must not merge across other statements */
 		if (stmt->ops->type != STMT_EXPRESSION) {
-			if (idx < 2)
-				continue;
-
-			payload_do_merge(sa, idx);
+			if (idx >= 2)
+				payload_do_merge(sa, idx);
 			idx = 0;
 			continue;
 		}
author	Florian Westphal <fw@strlen.de>	2023-09-28 23:27:55 +0200
committer	Florian Westphal <fw@strlen.de>	2023-09-29 12:36:33 +0200
commit	99ab1b8feb16741a83fb8b887bacae8fa07d29a2 (patch)
tree	c8b67d32aa10bac630c3a873b8128af873bf4e45 /src/rule.c
parent	15a7d710dc892c0e68f118ca3e6106c84b30a83b (diff)