Pablo reported that ipv6 tests would fail on some systems:
WARNING: 'add rule --debug=netlink ip6 test-ip6 input ip6 flowlabel set 0':
'[ bitwise reg 1 = (reg=1 & 0x000000f0 ) ^ 0x00000000 ]' mismatches
'[ bitwise reg 1 = (reg=1 & 0x00000000 ) ^ 0x00000000 ]'
^ should be 'f'
Problem is that mpz_export_data expects the size of the output
buffer in bytes, but this gave bit-based size.
Then, when mpz_export_data clears the output buffer it will
also clear 8 extra bytes on stack; depending on compiler version (stack
layout) this will then clear the bitmask value that we want to export.
Fixes: 78936d50f306c ("evaluate: add support to set IPv6 non-byte header fields") Reported-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Florian Westphal <fw@strlen.de> Tested-by: Pablo Neira Ayuso <pablo@netfilter.org>
projects / thirdparty / nftables.git / commit
