nft-shared: update context register for bitwise expression

Update the destination register, otherwise nft_parse_cmp() gives up on
interpreting the cmp expression when bitwise sreg != dreg.

Fixes: 2c4a34c30cb4 ("iptables-compat: fix address prefix")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index c57218542c964711a88c48584097954248d6fc96..b3993211c79d0f612b037024f877db2bc67fc3cf 100644 (file)
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -460,6 +460,8 @@ static void nft_parse_bitwise(struct nft_xt_ctx *ctx, struct nftnl_expr *e)
        if (ctx->reg && reg != ctx->reg)
                return;
 
+       reg = nftnl_expr_get_u32(e, NFTNL_EXPR_BITWISE_DREG);
+       ctx->reg = reg;
        data = nftnl_expr_get(e, NFTNL_EXPR_BITWISE_XOR, &len);
        memcpy(ctx->bitwise.xor, data, len);
        data = nftnl_expr_get(e, NFTNL_EXPR_BITWISE_MASK, &len);