evaluate: set on expr->len for catchall set elements

commit b523008535f3de78ed5834a302ba07cda4b4c8fd upstream.

Catchall elements coming from the parser provide expr->len == 0.
However, the existing mergesort implementation requires expr->len to be
set up to the length of the set key to properly sort elements.

In particular, set element deletion leverages such list sorting to find
if elements exists in the set.

Fixes: 419d19688688 ("src: add set element catch-all support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/evaluate.c b/src/evaluate.c
index 1cac3fdc3a9e4803ad05e543531e5bb6f805b7a1..80023834410a3278a6e265f9dc81c4cb09f55db9 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1720,6 +1720,16 @@ err_missing_flag:
                          set_is_map(ctx->set->flags) ? "map" : "set", expr_name(key));
 }
 
+static int expr_evaluate_set_elem_catchall(struct eval_ctx *ctx, struct expr **expr)
+{
+       struct expr *elem = *expr;
+
+       if (ctx->set)
+               elem->len = ctx->set->key->len;
+
+       return 0;
+}
+
 static const struct expr *expr_set_elem(const struct expr *expr)
 {
        if (expr->etype == EXPR_MAPPING)
@@ -2831,7 +2841,7 @@ static int expr_evaluate(struct eval_ctx *ctx, struct expr **expr)
        case EXPR_XFRM:
                return expr_evaluate_xfrm(ctx, expr);
        case EXPR_SET_ELEM_CATCHALL:
-               return 0;
+               return expr_evaluate_set_elem_catchall(ctx, expr);
        case EXPR_FLAGCMP:
                return expr_evaluate_flagcmp(ctx, expr);
        default: