[PATCH nft,v2] evaluate: bogus bail out with raw expression from dynamic sets

The following ruleset that uses raw expressions:

 table ip nftlb {
        map persistency {
                type inet_service : mark
                size 65535
                timeout 1h
                elements = { 53 expires 59m55s864ms : 0x00000064, 80 expires 59m58s924ms : 0x00000065, 443 expires 59m56s220ms : 0x00000064 }
        }

        chain pre {
                type filter hook prerouting priority filter; policy accept;
                ip protocol { tcp, udp } update @persistencia { @th,0,16 : numgen inc mod 2 offset 100 }
        }
 }

bogusly bails out with:

 /tmp/test:9:57-64: Error: datatype mismatch: expected internet network service, expression has type integer
         ip protocol { tcp, udp } update @persistencia { @th,0,16 : numgen inc mod 2 offset 100 }
                                  ~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fix the problem by evaluating expression basetype and length in this case.

Reported-by: Laura Garcia <nevola@xxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
v2: passes tests/py

 include/datatype.h |  6 ++++++
 src/evaluate.c     | 12 +++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/include/datatype.h b/include/datatype.h
index eab505ba53f8..f7092f06a5ec 100644
--- a/include/datatype.h
+++ b/include/datatype.h
@@ -171,6 +171,12 @@ static inline bool datatype_equal(const struct datatype *d1,
 	return d1->type == d2->type;
 }
 
+static inline const struct datatype *
+datatype_basetype(const struct datatype *dtype)
+{
+	return dtype->basetype ? dtype->basetype : dtype;
+}
+
 /**
  * struct symbolic_constant - symbol <-> constant mapping
  *
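Review bot: `datatype_basetype()` is added without a comment, and its `return` line resolves only one level of `->basetype`. If a datatype's base can itself have a base, the caller in `stmt_evaluate_arg()` compares against an intermediate type rather than the root. Please add a short comment above the helper stating that it returns the immediate base type (or `dtype` itself when there is none) and that `dtype` must be non-NULL, since it is dereferenced unconditionally. If the root type is what callers need, loop until `->basetype` is NULL.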
diff --git a/src/evaluate.c b/src/evaluate.c
index db49a18d0150..1880578b8738 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1854,7 +1854,17 @@ static int stmt_evaluate_arg(struct eval_ctx *ctx, struct stmt *stmt,
 	if (expr_evaluate(ctx, expr) < 0)
 		return -1;
 
-	if (!datatype_equal((*expr)->dtype, dtype))
+	if ((*expr)->ops->type == EXPR_PAYLOAD &&
+	    (*expr)->dtype->type == TYPE_INTEGER &&
+	    ((*expr)->dtype->type != datatype_basetype(dtype)->type ||
+	     (*expr)->len != len))
+		return stmt_binary_error(ctx, *expr, stmt,
+					 "datatype mismatch: expected %s, "
+					 "expression has type %s with length %d",
+					 dtype->desc, (*expr)->dtype->desc,
+					 (*expr)->len);
+	else if ((*expr)->dtype->type != TYPE_INTEGER &&
+		 !datatype_equal((*expr)->dtype, dtype))
 		return stmt_binary_error(ctx, *expr, stmt,
 					 "datatype mismatch: expected %s, "
 					 "expression has type %s",
-- 
2.11.0



