diff options
author | Florian Westphal <fw@strlen.de> | 2016-01-04 20:53:52 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2016-01-04 20:53:52 +0100 |
commit | a468656bf33ea9d2ac9c4c0726fc7c14d245b6e3 (patch) | |
tree | 1de76712e506d668342e37f19b2c04c2c84abd2b | |
parent | 4a7973e1f7fb812f187ab50197a8fee748fa4047 (diff) |
netlink: only drop mask if it matches left known-size operand
During delinearization we attempt to remove masks, for instance
ip saddr $x/32. (mask matches the entire size).
However, in some special cases the lhs size is unknown (0), this
happens f.e. with
'ct saddr original 1.2.3.4/24' which had its '/24' chopped off.
Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r-- | src/netlink_delinearize.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index c4ffab50..841be609 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -331,12 +331,14 @@ static void netlink_parse_bitwise(struct netlink_parse_ctx *ctx, mpz_ior(m, m, o); } - if (mpz_scan0(m, 0) != left->len) { + if (left->len > 0 && mpz_scan0(m, 0) == left->len) { + /* mask encompasses the entire value */ + expr_free(mask); + } else { mpz_set(mask->value, m); expr = binop_expr_alloc(loc, OP_AND, expr, mask); expr->len = left->len; - } else - expr_free(mask); + } if (mpz_cmp_ui(x, 0)) { mpz_set(xor->value, x); |