Re: [nft PATCH] evaluate: Reject set references in mapping LHS

On Thu, Oct 31, 2019 at 07:21:24PM +0100, Phil Sutter wrote:
> This wasn't explicitly caught before causing a program abort:
> 
> | BUG: invalid range expression type set reference
> | nft: expression.c:1162: range_expr_value_low: Assertion `0' failed.
> | zsh: abort      sudo ./install/sbin/nft add rule t c meta mark set tcp dport map '{ @s : 23 }
> 
> With this patch in place, the error message is way more descriptive:
> 
> | Error: Key can't be set reference
> | add rule t c meta mark set tcp dport map { @s : 23 }
> |                                            ^^

I wanted to check why the parser allows for this...

> Signed-off-by: Phil Sutter <phil@xxxxxx>
> ---
>  src/evaluate.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/src/evaluate.c b/src/evaluate.c
> index 81230fc7f4be4..500780aeae243 100644
> --- a/src/evaluate.c
> +++ b/src/evaluate.c
> @@ -1456,6 +1456,10 @@ static int expr_evaluate_mapping(struct eval_ctx *ctx, struct expr **expr)
>  	if (!expr_is_constant(mapping->left))
>  		return expr_error(ctx->msgs, mapping->left,
>  				  "Key must be a constant");
> +	if (mapping->left->etype == EXPR_SET_ELEM &&
> +	    mapping->left->key->etype == EXPR_SET_REF)
> +		return expr_error(ctx->msgs, mapping->left,
> +				  "Key can't be set reference");
>  	mapping->flags |= mapping->left->flags & EXPR_F_SINGLETON;
>  
>  	expr_set_context(&ctx->ectx, set->datatype, set->datalen);
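
Review bot: the added test on mapping->left->key->etype sits after the expr_is_constant() check, so a set reference evidently passes as a constant key and is only rejected by this one special case; a short comment above the new condition saying why EXPR_SET_REF is constant yet invalid as a mapping key would help the next reader. The message "Key can't be set reference" also drops the article used by the neighbouring "Key must be a constant"; "Key can't be a set reference" would match. The diffstat shows only src/evaluate.c changing, so a regression test built from the reproducer in the commit message would keep the abort from coming back.
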
> -- 
> 2.23.0
> 


