tests: shell: cover refcount leak of mapping rhs

Add a test to cover reference count leak in maps by adding twice same element, then flush. Reported-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2023-06-27 14:12:53 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2023-06-27 14:15:11 +0200
commit: 55a8685e18ed2f49142a8e2e9f9c79566cc29871 (patch)
tree: 9eb2830105cdb301ed05ad4000384741cc95e4b4
parent: db6e4496fe57eceeecad6f7d8f4307ca059bc91b (diff)
1 files changed, 38 insertions, 0 deletions
diff --git a/tests/shell/testcases/maps/0016map_leak_0 b/tests/shell/testcases/maps/0016map_leak_0
new file mode 100755
index 00000000..e110ee4b
--- /dev/null
+++ b/tests/shell/testcases/maps/0016map_leak_0
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+set -e
+
+RULESET="table ip t {
+        map sourcemap {
+                type ipv4_addr : verdict
+                elements = { 100.123.10.2 : jump c }
+        }
+
+        chain c {
+        }
+}"
+
+$NFT -f - <<< "$RULESET"
+# again, since it is addition, not creation, it is successful
+$NFT -f - <<< "$RULESET"
+# flush it to check for refcount leak
+$NFT flush ruleset
+
+#
+# again with stateful objects
+#
+
+RULESET="table ip t {
+	counter c {}
+
+        map sourcemap {
+                type ipv4_addr : counter
+                elements = { 100.123.10.2 : \"c\" }
+        }
+}"
+
+$NFT -f - <<< "$RULESET"
+# again, since it is addition, not creation, it is successful
+$NFT -f - <<< "$RULESET"
+# flush it to check for refcount leak
+$NFT flush ruleset
author	Pablo Neira Ayuso <pablo@netfilter.org>	2023-06-27 14:12:53 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2023-06-27 14:15:11 +0200
commit	55a8685e18ed2f49142a8e2e9f9c79566cc29871 (patch)
tree	9eb2830105cdb301ed05ad4000384741cc95e4b4
parent	db6e4496fe57eceeecad6f7d8f4307ca059bc91b (diff)