intervals: fix crash when trying to remove element in empty set

The set deletion routine expects an initialized set, otherwise it crashes.

Fixes: 3e8d934e4f72 ("intervals: support to partial deletion with automerge")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/intervals.c b/src/intervals.c
index dcc06d18d594cf9c97e4345bdd855d1a61813b2d..c21b3ee0ad60d01be676e2b52a3f19f9d9d305cd 100644 (file)
--- a/src/intervals.c
+++ b/src/intervals.c
@@ -475,7 +475,11 @@ int set_delete(struct list_head *msgs, struct cmd *cmd, struct set *set,
        if (set->automerge)
                automerge_delete(msgs, set, init, debug_mask);
 
-       set_to_range(existing_set->init);
+       if (existing_set->init) {
+               set_to_range(existing_set->init);
+       } else {
+               existing_set->init = set_expr_alloc(&internal_location, set);
+       }
 
        list_splice_init(&init->expressions, &del_list);
 

diff --git a/tests/shell/testcases/sets/errors_0 b/tests/shell/testcases/sets/errors_0
new file mode 100755 (executable)
index 0000000..2960b69
--- /dev/null
+++ b/tests/shell/testcases/sets/errors_0
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -e
+
+RULESET="table ip x {
+       set y {
+               type ipv4_addr
+               flags interval
+       }
+}
+
+delete element ip x y { 2.3.4.5 }"
+
+$NFT -f - <<< $RULESET || exit 0