From 95629758a5ec36313d839f8545fef0dc220408d8 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 1 Oct 2018 14:51:24 +0200
Subject: segtree: bogus range via get set element on existing elements

 table ip x {
        set y {
                type inet_service
                flags interval
                elements = { 10, 20-30, 40, 50-60 }
        }
 }

 # nft get element x y { 20-40 }
 table ip x {
        set y {
                type inet_service
                flags interval
                elements = { 20-40 }
        }
 }

20 and 40 exist in the tree, but they are part of different ranges.
This patch adds a new get_set_decompose() function to validate that the
left and the right side of the range.

Reported-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/expression.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include/expression.h')

diff --git a/include/expression.h b/include/expression.h
index fb52abfe..d6977c3a 100644
--- a/include/expression.h
+++ b/include/expression.h
@@ -453,7 +453,7 @@ extern void interval_map_decompose(struct expr *set);
 extern struct expr *get_set_intervals(const struct set *set,
 				      const struct expr *init);
 struct table;
-extern void get_set_decompose(struct table *table, struct set *set);
+extern int get_set_decompose(struct table *table, struct set *set);
 
 extern struct expr *mapping_expr_alloc(const struct location *loc,
 				       struct expr *from, struct expr *to);
-- 
cgit v1.2.3