diff options
author | Florian Westphal <fw@strlen.de> | 2021-11-17 14:26:21 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2021-11-17 15:19:10 +0100 |
commit | 7ab453a033c9afda1d3f339263e482d6ab1f664f (patch) | |
tree | a897a690eaadc68329522e0fbf865be513072977 /src | |
parent | a5c4a5365e141dce83343233c83f4e7facb02ceb (diff) |
monitor: do not call interval_map_decompose() for concat intervals
Without this, nft monitor will either print garbage or even segfault
when encountering a concat set because we pass expr->value to libgmp
helpers for concat (non-value) expressions.
Also, for concat case, we need to call concat_range_aggregate() helper.
Add a test case for this. Without this patch, it gives:
tests/monitor/run-tests.sh: line 98: 1163 Segmentation fault
(core dumped) $nft -nn -e -f $command_file > $echo_output
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src')
-rw-r--r-- | src/monitor.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/monitor.c b/src/monitor.c index 8ecb7d19..7fa92ebf 100644 --- a/src/monitor.c +++ b/src/monitor.c @@ -533,8 +533,13 @@ static int netlink_events_obj_cb(const struct nlmsghdr *nlh, int type, static void rule_map_decompose_cb(struct set *s, void *data) { - if (set_is_interval(s->flags) && set_is_anonymous(s->flags)) + if (!set_is_anonymous(s->flags)) + return; + + if (set_is_non_concat_range(s)) interval_map_decompose(s->init); + else if (set_is_interval(s->flags)) + concat_range_aggregate(s->init); } static int netlink_events_rule_cb(const struct nlmsghdr *nlh, int type, |