diff options
author | Florian Westphal <fw@strlen.de> | 2024-02-18 12:12:46 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2024-02-18 13:48:52 +0100 |
commit | 04fff6d96044dfb9f73224078ad74df192c82106 (patch) | |
tree | 4a0583aa22c12595cbb295c5fd45f56ff9fabd02 /tests/shell | |
parent | 40afa4bb2c7c7c8d488a8d44830c6b72cd98c640 (diff) |
tests: shell: add regression test for catchall double-delete
Test case for:
b1db244ffd04 ("netfilter: nf_tables: check if catch-all set element is active in next generation")
Reported-by: lonial con <kongln9170@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell')
-rw-r--r-- | tests/shell/testcases/maps/dumps/map_catchall_double_free_2.nft | 9 | ||||
-rwxr-xr-x | tests/shell/testcases/maps/map_catchall_double_free_2 | 27 |
2 files changed, 36 insertions, 0 deletions
diff --git a/tests/shell/testcases/maps/dumps/map_catchall_double_free_2.nft b/tests/shell/testcases/maps/dumps/map_catchall_double_free_2.nft new file mode 100644 index 00000000..68958c40 --- /dev/null +++ b/tests/shell/testcases/maps/dumps/map_catchall_double_free_2.nft @@ -0,0 +1,9 @@ +table ip test { + map testmap { + type ipv4_addr : verdict + elements = { * : jump testchain } + } + + chain testchain { + } +} diff --git a/tests/shell/testcases/maps/map_catchall_double_free_2 b/tests/shell/testcases/maps/map_catchall_double_free_2 new file mode 100755 index 00000000..5842fcb5 --- /dev/null +++ b/tests/shell/testcases/maps/map_catchall_double_free_2 @@ -0,0 +1,27 @@ +#!/bin/bash + +# NFT_TEST_REQUIRES(NFT_TEST_HAVE_catchall_element) + +$NFT -f /dev/stdin <<EOF +table ip test { + map testmap { + type ipv4_addr : verdict + elements = { * : jump testchain } + } + + chain testchain { } +} +EOF + +# second attempt to delete the catchall element +# musts trigger transaction abort +$NFT -f /dev/stdin <<EOF +delete element ip test testmap { * } +delete element ip test testmap { * } +EOF + +if [ $? -eq 1 ]; then + exit 0 +fi + +exit 1 |