This wasn't explicitly caught before causing a program abort:

| BUG: invalid range expression type set reference
| nft: expression.c:1162: range_expr_value_low: Assertion `0' failed.
| zsh: abort sudo ./install/sbin/nft add rule t c meta mark set tcp dport map '{ @s : 23 }

With this patch in place, the error message is way more descriptive:

| Error: Key can't be set reference
| add rule t c meta mark set tcp dport map { @s : 23 }
| ^^

Signed-off-by: Phil Sutter <phil@xxxxxx>

--- src/evaluate.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/evaluate.c b/src/evaluate.c index 81230fc7f4be4..500780aeae243 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1456,6 +1456,10 @@ static int expr_evaluate_mapping(struct eval_ctx *ctx, struct expr **expr) if (!expr_is_constant(mapping->left)) return expr_error(ctx->msgs, mapping->left, "Key must be a constant"); + if (mapping->left->etype == EXPR_SET_ELEM && + mapping->left->key->etype == EXPR_SET_REF) + return expr_error(ctx->msgs, mapping->left, + "Key can't be set reference"); mapping->flags |= mapping->left->flags & EXPR_F_SINGLETON; expr_set_context(&ctx->ectx, set->datatype, set->datalen); -- 2.23.0
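
Review bot: the added condition in expr_evaluate_mapping() rejects exactly one key shape, an EXPR_SET_ELEM whose key is an EXPR_SET_REF, while the abort quoted in the commit message came from a catch-all assertion in range_expr_value_low(), so it is worth stating in the commit message whether any other key expression type that passes expr_is_constant() can still reach that assertion, or checking for the accepted types here instead of denying one. The new message "Key can't be set reference" is missing an article and reads differently from the existing "Key must be a constant" two lines above; "Key must not be a set reference" would match. The diffstat shows only src/evaluate.c changed, so a regression test feeding `{ @s : 23 }` as a map key and expecting the error rather than an abort should accompany the fix.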