evaluate: reset eval context when evaluating set definitions

David reported nft chokes on this:
nft -f /tmp/A
/tmp/A:9:22-45: Error: datatype mismatch, expected concatenation of (IPv4 address, internet network service, IPv4 address), expression has type concatenation of (IPv4 address, internet network service)
cat /tmp/A
flush ruleset;
table ip filter {
	set setA {
		type ipv4_addr . inet_service . ipv4_addr
		flags timeout
	}
	set setB {
		type ipv4_addr . inet_service
		flags timeout
	}
}

Problem is we leak set definition details of setA to setB via eval
context, so reset this.

Also add test case for this.

Reported-by: David Fabian <david.fabian@bosson.cz>
Signed-off-by: Florian Westphal <fw@strlen.de>

3 files changed, 18 insertions, 0 deletions

diff --git a/src/evaluate.c b/src/evaluate.c
index db63494c..aee5b1c1 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2974,6 +2974,7 @@ static int table_evaluate(struct eval_ctx *ctx, struct table *table)
 
 	ctx->table = table;
 	list_for_each_entry(set, &table->sets, list) {
+		expr_set_context(&ctx->ectx, NULL, 0);
 		handle_merge(&set->handle, &table->handle);
 		if (set_evaluate(ctx, set) < 0)
 			return -1;
diff --git a/tests/shell/testcases/sets/0032restore_set_simple_0 b/tests/shell/testcases/sets/0032restore_set_simple_0
new file mode 100755
index 00000000..07820b7c
--- /dev/null
+++ b/tests/shell/testcases/sets/0032restore_set_simple_0
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -e
+dumpfile=$(dirname $0)/dumps/$(basename $0).nft
+
+$NFT -f "$dumpfile"
diff --git a/tests/shell/testcases/sets/dumps/0032restore_set_simple_0.nft b/tests/shell/testcases/sets/dumps/0032restore_set_simple_0.nft
new file mode 100644
index 00000000..86c55491
--- /dev/null
+++ b/tests/shell/testcases/sets/dumps/0032restore_set_simple_0.nft
@@ -0,0 +1,11 @@
+table ip filter {
+	set setA {
+		type ipv4_addr . inet_service . ipv4_addr
+		flags timeout
+	}
+
+	set setB {
+		type ipv4_addr . inet_service
+		flags timeout
+	}
+}