diff options
author | Florian Westphal <fw@strlen.de> | 2020-04-01 16:02:16 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2020-04-01 16:43:29 +0200 |
commit | 4ff24ab735c80136c9ce2cca4c3b95065369081d (patch) | |
tree | e515ca79a054df141a07ef973dcd99a091519c7c /src | |
parent | aa2ddbfbee904445b3593082455056ba3fed321c (diff) |
concat: provide proper dtype when parsing typeof udata
Pablo reports following list bug:
table ip foo {
map whitelist {
typeof ip saddr . ip daddr : meta mark
elements = { 0x0 [invalid type] . 0x0 [invalid type] : 0x00000001,
0x0 [invalid type] . 0x0 [invalid type] : 0x00000002 }
}
}
Problem is that concat provided 'invalid' dtype.
Reported-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src')
-rw-r--r-- | src/expression.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/src/expression.c b/src/expression.c index 863cf86e..6605beb3 100644 --- a/src/expression.c +++ b/src/expression.c @@ -906,8 +906,9 @@ static int concat_parse_udata_nested(const struct nftnl_udata *attr, void *data) static struct expr *concat_expr_parse_udata(const struct nftnl_udata *attr) { const struct nftnl_udata *ud[NFTNL_UDATA_SET_KEY_CONCAT_NEST_MAX] = {}; + const struct datatype *dtype; struct expr *concat_expr; - struct datatype *dtype; + uint32_t dt = 0; unsigned int i; int err; @@ -920,8 +921,6 @@ static struct expr *concat_expr_parse_udata(const struct nftnl_udata *attr) if (!concat_expr) return NULL; - dtype = xzalloc(sizeof(*dtype)); - for (i = 0; i < array_size(ud); i++) { const struct nftnl_udata *nest_ud[NFTNL_UDATA_SET_KEY_CONCAT_SUB_MAX]; const struct nftnl_udata *nested, *subdata; @@ -948,11 +947,14 @@ static struct expr *concat_expr_parse_udata(const struct nftnl_udata *attr) if (!expr) goto err_free; - dtype->subtypes++; + dt = concat_subtype_add(dt, expr->dtype->type); compound_expr_add(concat_expr, expr); - dtype->size += round_up(expr->len, BITS_PER_BYTE * sizeof(uint32_t)); } + dtype = concat_type_alloc(dt); + if (!dtype) + goto err_free; + concat_expr->dtype = dtype; concat_expr->len = dtype->size; |