From 54eb1e16cc4787906fe8206858f0ea0bfb9c1209 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sun, 7 Jun 2020 15:23:21 +0200
Subject: evaluate: missing datatype definition in implicit_set_declaration()

set->data from implicit_set_declaration(), otherwise, set_evaluation()
bails out with:

 # nft -f /etc/nftables/inet-filter.nft
 /etc/nftables/inet-filter.nft:8:32-54: Error: map definition does not specify
 mapping data type
                tcp dport vmap { 22 : jump ssh_input }
                               ^^^^^^^^^^^^^^^^^^^^^^^
 /etc/nftables/inet-filter.nft:13:26-52: Error: map definition does not specify
 mapping data type
                 iif vmap { "eth0" : jump wan_input }
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^

Add a test to cover this case.

Fixes: 7aa08d45031e ("evaluate: Perform set evaluation on implicitly declared (anonymous) sets")
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=208093
Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/shell/testcases/maps/dumps/0009vmap_0 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 tests/shell/testcases/maps/dumps/0009vmap_0

(limited to 'tests/shell/testcases/maps/dumps')

diff --git a/tests/shell/testcases/maps/dumps/0009vmap_0 b/tests/shell/testcases/maps/dumps/0009vmap_0
new file mode 100644
index 00000000..540a8af8
--- /dev/null
+++ b/tests/shell/testcases/maps/dumps/0009vmap_0
@@ -0,0 +1,13 @@
+table inet filter {
+	chain ssh_input {
+	}
+
+	chain wan_input {
+		tcp dport vmap { 22 : jump ssh_input }
+	}
+
+	chain prerouting {
+		type filter hook prerouting priority -300; policy accept;
+		iif vmap { "lo" : jump wan_input }
+	}
+}
-- 
cgit v1.2.3