diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-07-04 00:50:34 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-07-04 00:52:50 +0200 |
commit | 01e4dbb7a180239cfce68f1af94db0732030344d (patch) | |
tree | b457d4e73af90e0b9f47006bd6e807eb3cd6d58c /tests/shell | |
parent | 5bd6b4981ce649b5e0ae5ec30b7738ef33ef7c6e (diff) |
tests: shell: refcount memleak in map rhs with timeouts
Extend coverage for refcount leaks on map element expiration.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/testcases/maps/0018map_leak_timeout_0 | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/tests/shell/testcases/maps/0018map_leak_timeout_0 b/tests/shell/testcases/maps/0018map_leak_timeout_0 new file mode 100755 index 00000000..5a07ec74 --- /dev/null +++ b/tests/shell/testcases/maps/0018map_leak_timeout_0 @@ -0,0 +1,48 @@ +#!/bin/bash + +set -e + +RULESET="table ip t { + map sourcemap { + type ipv4_addr : verdict + timeout 3s + elements = { 100.123.10.2 : jump c } + } + + chain c { + } +}" + +$NFT -f - <<< "$RULESET" +# again, since it is addition, not creation, it is successful +$NFT -f - <<< "$RULESET" + +# wait for elements to expire +sleep 5 + +# flush it to check for refcount leak +$NFT flush ruleset + +# +# again with stateful objects +# + +RULESET="table ip t { + counter c {} + + map sourcemap { + type ipv4_addr : counter + timeout 3s + elements = { 100.123.10.2 : \"c\" } + } +}" + +$NFT -f - <<< "$RULESET" +# again, since it is addition, not creation, it is successful +$NFT -f - <<< "$RULESET" +# flush it to check for refcount leak + +# wait for elements to expire +sleep 5 + +$NFT flush ruleset |