From f30e5fe55f252558f6b78c436595051b0506b8c6 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Wed, 16 Jan 2019 13:54:13 +0100 Subject: mnl: name is ignored when deleting a table nlt is reallocated, leaking first allocation and also removing the table name/handle that was set on nlt object. Add a test case for this as well, the batch is supposed to fail when trying to delete a non-existant table, rather than wiping all tables in the same address family. Fixes: 12c362e2214a0 ("mnl: remove alloc_nftnl_table()") Reported-by: Mikhail Morfikov Signed-off-by: Florian Westphal --- tests/shell/testcases/transactions/0003table_0 | 35 ++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'tests/shell/testcases/transactions/0003table_0') diff --git a/tests/shell/testcases/transactions/0003table_0 b/tests/shell/testcases/transactions/0003table_0 index 6e508fc2..6861eaba 100755 --- a/tests/shell/testcases/transactions/0003table_0 +++ b/tests/shell/testcases/transactions/0003table_0 @@ -11,3 +11,38 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi + +KERNEL_RULESET="$($NFT list ruleset)" +if [ "" != "$KERNEL_RULESET" ] ; then + DIFF="$(which diff)" + echo "Got a ruleset, but expected empty: " + echo "$KERNEL_RULESET" + exit 1 +fi + +RULESET="table ip x { +} +table ip y { +}" + +$NFT -f - <<< "$RULESET" +if [ $? -ne 0 ] ; then + echo "E: unable to load good ruleset" >&2 + exit 1 +fi + +RULESETFAIL="flush ruleset +create table ip nat +create table inet filter +create chain ip nat testchain +delete table ip testtable" + +# testtable doesn't exist, batch expected to fail +$NFT -f - <<< "$RULESETFAIL" && exit 2 + +KERNEL_RULESET="$($NFT list ruleset)" +if [ "$RULESET" != "$KERNEL_RULESET" ] ; then + DIFF="$(which diff)" + [ -x $DIFF ] && $DIFF -u <(echo "$RULESET") <(echo "$KERNEL_RULESET") + exit 1 +fi -- cgit v1.2.3