From 89b60bc18ca76e45b1682d8c56a0d01fffedebad Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 25 Apr 2023 11:48:52 +0200
Subject: mnl: handle singleton element in netdevice set

expr_evaluate_set() turns sets with singleton element into value,
nft_dev_add() expects a list of expression, so it crashes.

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1676
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/shell/testcases/chains/0042chain_variable_0           | 4 ++++
 tests/shell/testcases/chains/dumps/0042chain_variable_0.nft | 4 ++++
 2 files changed, 8 insertions(+)

(limited to 'tests')

diff --git a/tests/shell/testcases/chains/0042chain_variable_0 b/tests/shell/testcases/chains/0042chain_variable_0
index 58535f76..f71b0415 100755
--- a/tests/shell/testcases/chains/0042chain_variable_0
+++ b/tests/shell/testcases/chains/0042chain_variable_0
@@ -25,11 +25,15 @@ table netdev filter2 {
 $NFT -f - <<< $EXPECTED
 
 EXPECTED="define if_main = { lo, dummy0 }
+define lan_interfaces = { lo }
 
 table netdev filter3 {
 	chain Main_Ingress3 {
 		type filter hook ingress devices = \$if_main priority -500; policy accept;
 	}
+	chain Main_Egress3 {
+		type filter hook egress devices = \$lan_interfaces priority -500; policy accept;
+	}
 }"
 
 $NFT -f - <<< $EXPECTED
diff --git a/tests/shell/testcases/chains/dumps/0042chain_variable_0.nft b/tests/shell/testcases/chains/dumps/0042chain_variable_0.nft
index 12931aad..5ec230d0 100644
--- a/tests/shell/testcases/chains/dumps/0042chain_variable_0.nft
+++ b/tests/shell/testcases/chains/dumps/0042chain_variable_0.nft
@@ -12,4 +12,8 @@ table netdev filter3 {
 	chain Main_Ingress3 {
 		type filter hook ingress devices = { dummy0, lo } priority -500; policy accept;
 	}
+
+	chain Main_Egress3 {
+		type filter hook egress device "lo" priority -500; policy accept;
+	}
 }
-- 
cgit v1.2.3