[PATCH nft] evaluate: clear expression context before cmd evaluation

Florian Westphal <fw@xxxxxxxxx> · Thu, 19 Apr 2018 18:18:57 +0200

We also need to clear expr ctx before we eval a command.
This is a followup fix to 'evaluate: reset eval context when evaluating
set definitions'.

The first patch only fixed set evaluation when dealing with
a complete table representation rather than individual commands.

Reported-by: David Fabian <david.fabian@xxxxxxxxx>
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
 src/evaluate.c                                       | 3 ++-
 tests/shell/testcases/sets/0033add_set_simple_flat_0 | 9 +++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100755 tests/shell/testcases/sets/0033add_set_simple_flat_0

diff --git a/src/evaluate.c b/src/evaluate.c
index aee5b1c15c7a..a487a0c624c6 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -3005,7 +3005,6 @@ static int cmd_evaluate_add(struct eval_ctx *ctx, struct cmd *cmd)
 				   ctx->msgs, ctx->debug_mask & NFT_DEBUG_NETLINK, ctx->octx);
 		if (ret < 0)
 			return ret;
-
 		handle_merge(&cmd->set->handle, &cmd->handle);
 		return set_evaluate(ctx, cmd->set);
 	case CMD_OBJ_RULE:
@@ -3472,6 +3471,8 @@ int cmd_evaluate(struct eval_ctx *ctx, struct cmd *cmd)
 		erec_destroy(erec);
 	}
 
+	memset(&ctx->ectx, 0, sizeof(ctx->ectx));
+
 	ctx->cmd = cmd;
 	switch (cmd->op) {
 	case CMD_ADD:
diff --git a/tests/shell/testcases/sets/0033add_set_simple_flat_0 b/tests/shell/testcases/sets/0033add_set_simple_flat_0
new file mode 100755
index 000000000000..86be0c990f1c
--- /dev/null
+++ b/tests/shell/testcases/sets/0033add_set_simple_flat_0
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+RULESET="add table ip x
+add set x setA {type ipv4_addr . inet_service . ipv4_addr; flags timeout;}
+add set x setB {type ipv4_addr . inet_service; flags timeout;}
+"
+
+set -e
+$NFT -f - <<< "$RULESET"
-- 
2.16.1

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html






