On Mon, Aug 08, 2016 at 01:17:56PM +0200, Carlos Falgueras García wrote:
> diff --git a/src/expr/dynset.c b/src/expr/dynset.c
> index 0eaa409..fa8b8d5 100644
> --- a/src/expr/dynset.c
> +++ b/src/expr/dynset.c
> @@ -370,6 +370,23 @@ static void nftnl_expr_dynset_free(const struct nftnl_expr *e)
> xfree(dynset->set_name);
> }
>
> +static bool nftnl_expr_dynset_cmp(const struct nftnl_expr *e1,
> + const struct nftnl_expr *e2)
> +{
> + struct nftnl_expr_dynset *d1, *d2;
> +
> + d1 = nftnl_expr_data(e1);
> + d2 = nftnl_expr_data(e2);
> +
> + return d1->sreg_key == d2->sreg_key &&
> + d1->sreg_data == d2->sreg_data &&
> + d1->op == d2->op &&
> + d1->timeout == d2->timeout &&
> + nftnl_expr_cmp(d1->expr, d2->expr) &&
> + !strcmp(d1->set_name, d2->set_name) &&
> + d1->set_id == d2->set_id;
Are we going to compare fields even if unset?
This is error prone, is we _set() an attribute, then _unset() it, we
just set off of the flag. So the value is still there and cmp will
return a bogus result.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
