netlink_delinearize: skip flags / mask notation for singleton bitmask

Do not transform 'tcp flags & flag == flag' to 'flag / flag'. The parser does not accept this notation yet. Fixes: c3d57114f119 ("parser_bison: add shortcut syntax for matching flags without binary operations") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2021-07-27 22:26:52 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2021-07-28 00:31:32 +0200
commit: 347a4aa16e64b8708d61eeb074736bea02258d1d (patch)
tree: 054b49b7e70a6db2fd6ca711c2453c2de8d7c946 /src/netlink_delinearize.c
parent: 2acc8776e8b436566fc7d73161ef08e6b77b0c45 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index c7dae266..49870eea 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -2285,6 +2285,14 @@ static void relational_binop_postprocess(struct rule_pp_ctx *ctx,
 					BUG("unknown operation type %d\n", expr->op);
 				}
 				expr_free(binop);
+			} else if (binop->right->etype == EXPR_VALUE &&
+				   value->etype == EXPR_VALUE &&
+				   expr->op == OP_EQ &&
+				   !mpz_cmp(value->value, binop->right->value)) {
+				/* Skip flag / flag representation for:
+				 * data & flag == flag
+				 */
+				;
 			} else {
 				*exprp = flagcmp_expr_alloc(&expr->location, expr->op,
 							    expr_get(binop->left),
author	Pablo Neira Ayuso <pablo@netfilter.org>	2021-07-27 22:26:52 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2021-07-28 00:31:32 +0200
commit	347a4aa16e64b8708d61eeb074736bea02258d1d (patch)
tree	054b49b7e70a6db2fd6ca711c2453c2de8d7c946 /src/netlink_delinearize.c
parent	2acc8776e8b436566fc7d73161ef08e6b77b0c45 (diff)