On Mon, Jan 16, 2017 at 02:38:32PM +0100, Florian Westphal wrote:
> Pablo reported that ipv6 tests would fail on some systems:
> WARNING: line: 5: 'src/nft add rule --debug=netlink ip6 test-ip6 input iif "lo" ip6 flowlabel set 0':
> '[ bitwise reg 1 = (reg=1 & 0x000000f0 ) ^ 0x00000000 ]' mismatches
> '[ bitwise reg 1 = (reg=1 & 0x00000000 ) ^ 0x00000000 ]'
> ^ should be 'f'
>
> Problem is that mpz_export_data expects the size of the output
> buffer in bytes, but this gave bit-based size.
>
> Then, when mpz_export_data clears the output buffer it will
> also clear 8 extra bytes on stack; depending on compiler version (stack
> layout) this will then clear the bitmask value that we want to export.
>
> Fixes: 78936d50f306c ("evaluate: add support to set IPv6 non-byte header fields")
> Reported-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
This fixes my tests, thanks Florian.
Tested-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
