path: root/src/evaluate.c
diff options
authorFlorian Westphal <>2018-04-18 14:07:09 +0200
committerFlorian Westphal <>2018-04-18 23:25:10 +0200
commitedf64f6c65e1ebd31713ece236df3de8f7ace444 (patch)
tree1b208530cc47cc461bda5b2d8611298795110504 /src/evaluate.c
parent3baa28f24b3d70a7ee17d584c113a2c4e057a565 (diff)
evaluate: reset eval context when evaluating set definitions
David reported nft chokes on this: nft -f /tmp/A /tmp/A:9:22-45: Error: datatype mismatch, expected concatenation of (IPv4 address, internet network service, IPv4 address), expression has type concatenation of (IPv4 address, internet network service) cat /tmp/A flush ruleset; table ip filter { set setA { type ipv4_addr . inet_service . ipv4_addr flags timeout } set setB { type ipv4_addr . inet_service flags timeout } } Problem is we leak set definition details of setA to setB via eval context, so reset this. Also add test case for this. Reported-by: David Fabian <> Signed-off-by: Florian Westphal <>
Diffstat (limited to 'src/evaluate.c')
1 files changed, 1 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index db63494c..aee5b1c1 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2974,6 +2974,7 @@ static int table_evaluate(struct eval_ctx *ctx, struct table *table)
ctx->table = table;
list_for_each_entry(set, &table->sets, list) {
+ expr_set_context(&ctx->ectx, NULL, 0);
handle_merge(&set->handle, &table->handle);
if (set_evaluate(ctx, set) < 0)
return -1;