diff options
author | Florian Westphal <fw@strlen.de> | 2022-04-09 15:58:27 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-04-13 13:43:33 +0200 |
commit | 403936c1ffa34bc597d7ee0792154fc6c6b483f2 (patch) | |
tree | 4e2f72fb80b432533715c4e94f0c35a71e7a2d6a | |
parent | ada50f84bf5a1475549f3f372834812e7cd8d675 (diff) |
evaluate: string prefix expression must retain original length
To make something like "eth*" work for interval sets (match
eth0, eth1, and so on...) we must treat the string as a 128 bit
integer.
Without this, segtree will do the wrong thing when applying the prefix,
because we generate the prefix based on 'eth*' as input, with a length of 3.
The correct import needs to be done on "eth\0\0\0\0\0\0\0...", i.e., if
the input buffer were an ipv6 address, it should look like "eth\0::",
not "::eth".
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/evaluate.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index a20cc396..78862313 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -338,9 +338,11 @@ static int expr_evaluate_string(struct eval_ctx *ctx, struct expr **exprp) *exprp = value; return 0; } + + data[datalen] = 0; value = constant_expr_alloc(&expr->location, ctx->ectx.dtype, BYTEORDER_HOST_ENDIAN, - datalen * BITS_PER_BYTE, data); + expr->len, data); prefix = prefix_expr_alloc(&expr->location, value, datalen * BITS_PER_BYTE); |