Fix assert bug of map dynset having ipv6 concat data
nft add rule ip6 table-test chain-1 update @map-X { ip6 saddr : 1000::1 . 5001 }
nft: src/netlink_linearize.c:873: netlink_gen_expr: Assertion `dreg < ctx->reg_low' failed.
Aborted (core dumped)
The current code allocates upto 4 registers for map dynset data, but ipv6 concat
data of a dynset requires more than 4 registers, resulting in the assert in
netlink_gen_expr when generating netlink info for the dynset data.
Signed-off-by: Son Dinh <dinhtrason@xxxxxxxxx>
---
src/netlink_linearize.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git src/netlink_linearize.c src/netlink_linearize.c
index 6204d8fd..11b4bc2d 100644
--- src/netlink_linearize.c
+++ src/netlink_linearize.c
@@ -1588,15 +1588,20 @@ static void netlink_gen_map_stmt(struct netlink_linearize_ctx *ctx,
struct nftnl_expr *nle;
int num_stmts = 0;
struct stmt *this;
+ int regspace = 0;
+ struct expr *expr_data = stmt->map.data;
sreg_key = get_register(ctx, stmt->map.key->key);
netlink_gen_expr(ctx, stmt->map.key->key, sreg_key);
- sreg_data = get_register(ctx, stmt->map.data);
- netlink_gen_expr(ctx, stmt->map.data, sreg_data);
+ /* Adjust ctx->reg_low to the real size of stmt->map.data */
+ regspace = netlink_register_space(expr_data->map->len);
+ sreg_data = ctx->reg_low;
+ ctx->reg_low += regspace;
+ netlink_gen_expr(ctx, expr_data, sreg_data);
+ ctx->reg_low -= regspace;
release_register(ctx, stmt->map.key->key);
- release_register(ctx, stmt->map.data);
nle = alloc_nft_expr("dynset");
netlink_put_register(nle, NFTNL_EXPR_DYNSET_SREG_KEY, sreg_key);
--
2.44.0.windows.1
