optimize: do not assume log prefix

author Pablo Neira Ayuso <pablo@netfilter.org>

Fri, 4 Mar 2022 09:37:48 +0000 (10:37 +0100)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Fri, 4 Mar 2022 09:37:48 +0000 (10:37 +0100)
author Pablo Neira Ayuso <pablo@netfilter.org>
Fri, 4 Mar 2022 09:37:48 +0000 (10:37 +0100)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Fri, 4 Mar 2022 09:37:48 +0000 (10:37 +0100)
diff --git a/src/optimize.c b/src/optimize.c

index f8dd7f8d159fdb884e25b7af18f692bca09e9d9c..7a268c452226e41d0f7dd1e8cbab90594c5f3581 100644 (file)
--- a/src/optimize.c
+++ b/src/optimize.c
@@ -153,8 +153,16 @@ static bool __stmt_type_eq(const struct stmt *stmt_a, const struct stmt *stmt_b)
                     stmt_a->log.qthreshold != stmt_b->log.qthreshold ||
                     stmt_a->log.level != stmt_b->log.level ||
                     stmt_a->log.logflags != stmt_b->log.logflags ||
-                   stmt_a->log.flags != stmt_b->log.flags ||
-                   stmt_a->log.prefix->etype != EXPR_VALUE ||
+                   stmt_a->log.flags != stmt_b->log.flags)
+                       return false;
+
+               if (!!stmt_a->log.prefix ^ !!stmt_b->log.prefix)
+                       return false;
+
+               if (!stmt_a->log.prefix)
+                       return true;
+
+               if (stmt_a->log.prefix->etype != EXPR_VALUE ||
                     stmt_b->log.prefix->etype != EXPR_VALUE ||
                     mpz_cmp(stmt_a->log.prefix->value, stmt_b->log.prefix->value))
                         return false;
@@ -265,7 +273,8 @@ static int rule_collect_stmts(struct optimize_ctx *ctx, struct rule *rule)
                         break;
                 case STMT_LOG:
                         memcpy(&clone->log, &stmt->log, sizeof(clone->log));
-                       clone->log.prefix = expr_get(stmt->log.prefix);
+                       if (stmt->log.prefix)
+                               clone->log.prefix = expr_get(stmt->log.prefix);
                         break;
                 default:
                         break;
diff --git a/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft b/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft

index c1c9743b9f8c41ddd5b7f9cb475f07fa8153fb2a..05b9e575c272aa41f763a6ffe7d968fa72e79543 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft
@@ -8,5 +8,6 @@ table ip x {
         chain y {
                 tcp dport vmap { 80 : accept, 81 : accept, 443 : accept, 8000-8100 : accept, 24000-25000 : accept }
                 meta l4proto vmap { tcp : goto filter_in_tcp, udp : goto filter_in_udp }
+               log
         }
  }
diff --git a/tests/shell/testcases/optimizations/merge_vmaps b/tests/shell/testcases/optimizations/merge_vmaps

index 7b7a2723be4b3b119a65601d796e5ec1c65fb978..0922a221bd6d7c94a008b406bad156d1ad6790ab 100755 (executable)
--- a/tests/shell/testcases/optimizations/merge_vmaps
+++ b/tests/shell/testcases/optimizations/merge_vmaps
@@ -19,6 +19,7 @@ RULESET="table ip x {
                 }
                 meta l4proto tcp goto filter_in_tcp
                 meta l4proto udp goto filter_in_udp
+               log
         }
  }"
author	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 4 Mar 2022 09:37:48 +0000 (10:37 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 4 Mar 2022 09:37:48 +0000 (10:37 +0100)
src/optimize.c		patch \| blob \| blame \| history
tests/shell/testcases/optimizations/dumps/merge_vmaps.nft		patch \| blob \| blame \| history
tests/shell/testcases/optimizations/merge_vmaps		patch \| blob \| blame \| history