Re: [PATCH nft,v3 05/12] evaluate: set up integer type to shift expression

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Mar 23, 2023 at 05:58:48PM +0100, Pablo Neira Ayuso wrote:
> Otherwise expr_evaluate_value() fails with invalid datatype:
> 
>  # nft --debug=netlink add rule ip x y 'ct mark set ip dscp & 0x0f << 1'
>  BUG: invalid basetype invalid
>  nft: evaluate.c:440: expr_evaluate_value: Assertion `0' failed.
> 
> Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> ---
>  src/evaluate.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/src/evaluate.c b/src/evaluate.c
> index 33b1aad72f66..1ee9bdc5aa47 100644
> --- a/src/evaluate.c
> +++ b/src/evaluate.c
> @@ -1308,6 +1308,7 @@ static int expr_evaluate_shift(struct eval_ctx *ctx, struct expr **expr)
>  	if (byteorder_conversion(ctx, &op->right, BYTEORDER_HOST_ENDIAN) < 0)
>  		return -1;
>  
> +	op->dtype     = &integer_type;

I have updated this patch to use:

        datatype_set(op, &integer_type);

before pushing out this batch.

otherwise, datatype leak is possible.

>  	op->byteorder = BYTEORDER_HOST_ENDIAN;
>  	op->len	      = max_shift_len;
>  
> -- 
> 2.30.2
> 



[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux