From b3ed8fd8c9f33230fa819a3ae500cd1a99025038 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 9 Nov 2021 12:15:44 +0100 Subject: cache: missing family in cache filtering Check family when filtering out listing of tables and sets. Fixes: 3f1d3912c3a6 ("cache: filter out tables that are not requested") Fixes: 635ee1cad8aa ("cache: filter out sets and maps that are not requested") Signed-off-by: Pablo Neira Ayuso --- src/cache.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/cache.c b/src/cache.c index 28604aab..e82e0b8d 100644 --- a/src/cache.c +++ b/src/cache.c @@ -194,14 +194,16 @@ static unsigned int evaluate_cache_list(struct nft_ctx *nft, struct cmd *cmd, { switch (cmd->obj) { case CMD_OBJ_TABLE: - if (filter && cmd->handle.table.name) + if (filter && cmd->handle.table.name) { + filter->list.family = cmd->handle.family; filter->list.table = cmd->handle.table.name; - + } flags |= NFT_CACHE_FULL; break; case CMD_OBJ_SET: case CMD_OBJ_MAP: if (filter && cmd->handle.table.name && cmd->handle.set.name) { + filter->list.family = cmd->handle.family; filter->list.table = cmd->handle.table.name; filter->list.set = cmd->handle.set.name; } @@ -439,7 +441,8 @@ static int set_cache_cb(struct nftnl_set *nls, void *arg) return -1; if (ctx->filter && ctx->filter->list.set && - (strcmp(ctx->filter->list.table, set->handle.table.name) || + (ctx->filter->list.family != set->handle.family || + strcmp(ctx->filter->list.table, set->handle.table.name) || strcmp(ctx->filter->list.set, set->handle.set.name))) { set_free(set); return 0; @@ -699,7 +702,8 @@ static int cache_init_tables(struct netlink_ctx *ctx, struct handle *h, list_del(&table->list); if (filter && filter->list.table && - (strcmp(filter->list.table, table->handle.table.name))) { + (filter->list.family != table->handle.family || + strcmp(filter->list.table, table->handle.table.name))) { table_free(table); continue; } -- cgit v1.2.3