diff options
author | Florian Westphal <fw@strlen.de> | 2018-04-18 14:07:09 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2018-04-18 23:25:10 +0200 |
commit | edf64f6c65e1ebd31713ece236df3de8f7ace444 (patch) | |
tree | 1b208530cc47cc461bda5b2d8611298795110504 /src | |
parent | 3baa28f24b3d70a7ee17d584c113a2c4e057a565 (diff) |
evaluate: reset eval context when evaluating set definitions
David reported nft chokes on this:
nft -f /tmp/A
/tmp/A:9:22-45: Error: datatype mismatch, expected concatenation of (IPv4 address, internet network service, IPv4 address), expression has type concatenation of (IPv4 address, internet network service)
cat /tmp/A
flush ruleset;
table ip filter {
set setA {
type ipv4_addr . inet_service . ipv4_addr
flags timeout
}
set setB {
type ipv4_addr . inet_service
flags timeout
}
}
Problem is we leak set definition details of setA to setB via eval
context, so reset this.
Also add test case for this.
Reported-by: David Fabian <david.fabian@bosson.cz>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src')
-rw-r--r-- | src/evaluate.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index db63494c..aee5b1c1 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -2974,6 +2974,7 @@ static int table_evaluate(struct eval_ctx *ctx, struct table *table) ctx->table = table; list_for_each_entry(set, &table->sets, list) { + expr_set_context(&ctx->ectx, NULL, 0); handle_merge(&set->handle, &table->handle); if (set_evaluate(ctx, set) < 0) return -1; |