evaluate: verify named map is actually a map

# nft add set filter test { type ipv4_addr; } # nft filter input ip daddr vmap @test Before: <cmdline>:0:0-32: Error: Could not process rule: Invalid argument filter input ip daddr vmap @test ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ After: <cmdline>:1:28-32: Error: Expression is not a map filter input ip daddr vmap @test ^^^^^ Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Patrick McHardy <kaber@trash.net> 2015-01-12 11:06:17 +0000
committer: Patrick McHardy <kaber@trash.net> 2015-01-12 13:21:16 +0000
commit: 39d344742c1a4f9b94af0f659e63e0e4e1ffae4e (patch)
tree: 7aa7266a861960860f73477da2db18647ac54ba3
parent: 33ec59fb4a2d824c919d8f4bf881f49e5a952f54 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index d24d4ccf..651465aa 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -738,7 +738,8 @@ static int expr_evaluate_map(struct eval_ctx *ctx, struct expr **expr)
 	case EXPR_SYMBOL:
 		if (expr_evaluate(ctx, &map->mappings) < 0)
 			return -1;
-		if (map->mappings->ops->type != EXPR_SET_REF)
+		if (map->mappings->ops->type != EXPR_SET_REF ||
+		    !(map->mappings->set->flags & NFT_SET_MAP))
 			return expr_error(ctx->msgs, map->mappings,
 					  "Expression is not a map");
 		break;
author	Patrick McHardy <kaber@trash.net>	2015-01-12 11:06:17 +0000
committer	Patrick McHardy <kaber@trash.net>	2015-01-12 13:21:16 +0000
commit	39d344742c1a4f9b94af0f659e63e0e4e1ffae4e (patch)
tree	7aa7266a861960860f73477da2db18647ac54ba3
parent	33ec59fb4a2d824c919d8f4bf881f49e5a952f54 (diff)