diff options
author | Florian Westphal <fw@strlen.de> | 2023-05-01 18:51:19 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-11-02 11:56:19 +0100 |
commit | d10bad1f7df9910df3dd2c852b742bf4ae1a98ab (patch) | |
tree | dbe13132d35d1c2477476eb639a29322e5d6cb56 /src | |
parent | d4bfb1035b7e6b7fe9baa2f64a7d8c7b5b5a59e7 (diff) |
netlink: restore typeof interval map data type
commit 0583bac241ea18c9d7f61cb20ca04faa1e043b78 upstream.
When "typeof ... : interval ..." gets used, existing logic
failed to validate the expressions.
"interval" means that kernel reserves twice the size,
so consider this when validating and restoring.
Also fix up the dump file of the existing test
case to be symmetrical.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src')
-rw-r--r-- | src/netlink.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/netlink.c b/src/netlink.c index 5130f6c4..4cf1a98d 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -1024,10 +1024,15 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx, list_splice_tail(&set_parse_ctx.stmt_list, &set->stmt_list); if (datatype) { + uint32_t dlen; + dtype = set_datatype_alloc(datatype, databyteorder); klen = nftnl_set_get_u32(nls, NFTNL_SET_DATA_LEN) * BITS_PER_BYTE; - if (set_udata_key_valid(typeof_expr_data, klen)) { + dlen = data_interval ? klen / 2 : klen; + + if (set_udata_key_valid(typeof_expr_data, dlen)) { + typeof_expr_data->len = klen; datatype_free(datatype_get(dtype)); set->data = typeof_expr_data; } else { |