[PATCH nft] segtree: incorrect handling of comments and timeouts with mapping

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Check if expression is a mapping to do the right handling.

Fixes: 35fedcf540bf ("segtree: missing comments in range and prefix expressions in sets")
Fixes: be90e03dd1fa ("segtree: add timeout for range and prefix expressions in sets")
Reported-by: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 src/segtree.c | 67 ++++++++++++++++++++++++++++++++++++++++-------------------
 1 file changed, 46 insertions(+), 21 deletions(-)

diff --git a/src/segtree.c b/src/segtree.c
index 28d45c920c3c..423c54bdeda6 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -540,13 +540,19 @@ static void set_insert_interval(struct expr *set, struct seg_tree *tree,
 	expr = set_elem_expr_alloc(&internal_location, expr);
 
 	if (ei->expr != NULL) {
-		if (ei->expr->comment)
-			expr->comment = xstrdup(ei->expr->comment);
-		if (ei->expr->timeout)
-			expr->timeout = ei->expr->timeout;
-		if (ei->expr->ops->type == EXPR_MAPPING)
+		if (ei->expr->ops->type == EXPR_MAPPING) {
+			if (ei->expr->left->comment)
+				expr->comment = xstrdup(ei->expr->left->comment);
+			if (ei->expr->left->timeout)
+				expr->timeout = ei->expr->left->timeout;
 			expr = mapping_expr_alloc(&ei->expr->location, expr,
 						  expr_get(ei->expr->right));
+		} else {
+			if (ei->expr->comment)
+				expr->comment = xstrdup(ei->expr->comment);
+			if (ei->expr->timeout)
+				expr->timeout = ei->expr->timeout;
+		}
 	}
 
 	if (ei->flags & EI_F_INTERVAL_END)
@@ -831,15 +837,25 @@ void interval_map_decompose(struct expr *set)
 
 			tmp = range_expr_alloc(&low->location, expr_value(low), tmp);
 			tmp = set_elem_expr_alloc(&low->location, tmp);
-			if (low->comment)
-				tmp->comment = xstrdup(low->comment);
-			if (low->timeout)
-				tmp->timeout = low->timeout;
-			if (low->expiration)
-				tmp->expiration = low->expiration;
 
-			if (low->ops->type == EXPR_MAPPING)
-				tmp = mapping_expr_alloc(&tmp->location, tmp, low->right);
+			if (low->ops->type == EXPR_MAPPING) {
+				if (low->left->comment)
+					tmp->comment = xstrdup(low->left->comment);
+				if (low->left->timeout)
+					tmp->timeout = low->left->timeout;
+				if (low->left->expiration)
+					tmp->expiration = low->left->expiration;
+
+				tmp = mapping_expr_alloc(&tmp->location, tmp,
+							 low->right);
+			} else {
+				if (low->comment)
+					tmp->comment = xstrdup(low->comment);
+				if (low->timeout)
+					tmp->timeout = low->timeout;
+				if (low->left->expiration)
+					tmp->expiration = low->expiration;
+			}
 
 			compound_expr_add(set, tmp);
 		} else {
@@ -852,16 +868,25 @@ void interval_map_decompose(struct expr *set)
 			prefix->len = expr_value(i)->len;
 
 			prefix = set_elem_expr_alloc(&low->location, prefix);
-			if (low->comment)
-				prefix->comment = xstrdup(low->comment);
-			if (low->timeout)
-				prefix->timeout = low->timeout;
-			if (low->expiration)
-				prefix->expiration = low->expiration;
-
-			if (low->ops->type == EXPR_MAPPING)
+
+			if (low->ops->type == EXPR_MAPPING) {
+				if (low->left->comment)
+					prefix->comment = xstrdup(low->left->comment);
+				if (low->left->timeout)
+					prefix->timeout = low->left->timeout;
+				if (low->left->expiration)
+					prefix->expiration = low->left->expiration;
+
 				prefix = mapping_expr_alloc(&low->location, prefix,
 							    low->right);
+			} else {
+				if (low->comment)
+					prefix->comment = xstrdup(low->comment);
+				if (low->timeout)
+					prefix->timeout = low->timeout;
+				if (low->left->expiration)
+					prefix->expiration = low->expiration;
+			}
 
 			compound_expr_add(set, prefix);
 		}
-- 
2.11.0

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux