evaluate: set: Fix nested set merge size adjustment

When merging a nested set into the parent one, we are actually replacing one item with the items of the nested set. Therefore we have to remove the replaced item from size. The respective bug isn't as easy to trigger, since the size field seems to be relevant only when set elements are ranges which are checked for overlaps. Here's an example of how to trigger it: | add rule ip saddr { { 1.1.1.0/24, 3.3.3.0/24 }, 2.2.2.0/24 } Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2017-03-20 17:38:56 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2017-03-21 14:17:49 +0100
commit: 675dc8b9cfb50025c964326014d2ec4d312f58ce (patch)
tree: 0066248b708630e99b9a1b5fee2373a7744f1776 /src
parent: a6b75b837f5e851c80f8f2dc508b11f1693af1b3 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 86ff8ebd..b5db724c 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1149,7 +1149,7 @@ static int expr_evaluate_set(struct eval_ctx *ctx, struct expr **expr)
 			/* Merge recursive set definitions */
 			list_splice_tail_init(&i->expressions, &i->list);
 			list_del(&i->list);
-			set->size      += i->size;
+			set->size      += i->size - 1;
 			set->set_flags |= i->set_flags;
 			expr_free(i);
 		} else if (!expr_is_singleton(i))
author	Phil Sutter <phil@nwl.cc>	2017-03-20 17:38:56 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2017-03-21 14:17:49 +0100
commit	675dc8b9cfb50025c964326014d2ec4d312f58ce (patch)
tree	0066248b708630e99b9a1b5fee2373a7744f1776 /src
parent	a6b75b837f5e851c80f8f2dc508b11f1693af1b3 (diff)