evaluate: bogus datatype assertion in binary operation evaluation

author Pablo Neira Ayuso <pablo@netfilter.org>

Tue, 4 Oct 2022 23:36:44 +0000 (01:36 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Thu, 6 Oct 2022 13:35:23 +0000 (15:35 +0200)
author Pablo Neira Ayuso <pablo@netfilter.org>
Tue, 4 Oct 2022 23:36:44 +0000 (01:36 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Thu, 6 Oct 2022 13:35:23 +0000 (15:35 +0200)
diff --git a/src/evaluate.c b/src/evaluate.c

index a52867b33be01129697c648b6b231d80cac22e81..2e2b8df0f004a0b26c36e9f028fc027fab0f0d30 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1265,7 +1265,7 @@ static int expr_evaluate_binop(struct eval_ctx *ctx, struct expr **expr)
                                          sym, expr_name(right));
  
         /* The grammar guarantees this */
-       assert(expr_basetype(left) == expr_basetype(right));
+       assert(datatype_equal(expr_basetype(left), expr_basetype(right)));
  
         switch (op->op) {
         case OP_LSHIFT:
diff --git a/tests/shell/testcases/optimizations/dumps/not_mergeable.nft b/tests/shell/testcases/optimizations/dumps/not_mergeable.nft

index 08b2b58f66c3da98dc6fc58325c99612c6fa8280..02b89207b0cb84dc24f7fa08e7e3ce0eb1fb403d 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/not_mergeable.nft
+++ b/tests/shell/testcases/optimizations/dumps/not_mergeable.nft
@@ -5,8 +5,15 @@ table ip x {
         chain t2 {
         }
  
+       chain t3 {
+       }
+
+       chain t4 {
+       }
+
         chain y {
                 counter packets 0 bytes 0 jump t1
                 counter packets 0 bytes 0 jump t2
+               ip version vmap { 4 : jump t3, 6 : jump t4 }
         }
  }
diff --git a/tests/shell/testcases/optimizations/not_mergeable b/tests/shell/testcases/optimizations/not_mergeable

index 25635cdd653d2294ecf2c18fb6ac76511da18a71..ddb2f0fd86fcc00c12ea69084dcd3b846546ea82 100755 (executable)
--- a/tests/shell/testcases/optimizations/not_mergeable
+++ b/tests/shell/testcases/optimizations/not_mergeable
@@ -7,9 +7,15 @@ RULESET="table ip x {
         }
         chain t2 {
         }
+       chain t3 {
+       }
+       chain t4 {
+       }
         chain y {
                 counter jump t1
                 counter jump t2
+               ip version 4 jump t3
+               ip version 6 jump t4
         }
  }"
author	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 4 Oct 2022 23:36:44 +0000 (01:36 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 6 Oct 2022 13:35:23 +0000 (15:35 +0200)
src/evaluate.c		patch \| blob \| blame \| history
tests/shell/testcases/optimizations/dumps/not_mergeable.nft		patch \| blob \| blame \| history
tests/shell/testcases/optimizations/not_mergeable		patch \| blob \| blame \| history