evaluate: do not pass EXPR_SET_ELEM to stmt_evaluate_arg() for set/map evaluation
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 25 Oct 2018 17:18:28 +0000 (19:18 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 25 Oct 2018 18:14:42 +0000 (20:14 +0200)
Otherwise, we cannot validate mismatching length size when combining raw
expressions with sets and maps, eg.

 # cat /tmp/test
 table ip nftlb {
       map persistency {
               type ipv4_addr : mark
               size 65535
               timeout 1h
       }

       chain pre {
               type filter hook prerouting priority filter; policy accept;
               ip protocol { tcp, udp } update @persistency { @th,0,16 : numgen inc mod 2 offset 100 }
       }
 }

 # nft -f /tmp/test
 /tmp/test:10:68-75: Error: datatype mismatch: expected IPv4 address, expression has type integer with length 16
                    ip protocol { tcp, udp } update @persistency { @th,0,16 : numgen inc mod 2 offset 100 }
                                             ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pass the inner expression instead of the wrapping set element
expression.

Fixes: 0e90798e9812 ("src: simplify map statement")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/evaluate.c

index 66e9293fd4ca8a7f128714b3e76f590ed66099cf..dbeedc959347c339defd5a425dfa4d937eb29626 100644 (file)
@@ -2733,7 +2733,7 @@ static int stmt_evaluate_set(struct eval_ctx *ctx, struct stmt *stmt)
                              stmt->set.set->set->key->dtype,
                              stmt->set.set->set->key->len,
                              stmt->set.set->set->key->byteorder,
-                             &stmt->set.key) < 0)
+                             &stmt->set.key->key) < 0)
                return -1;
        if (expr_is_constant(stmt->set.key))
                return expr_error(ctx->msgs, stmt->set.key,
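Review bot: The constant-key check on the context line right after the changed call still tests the wrapper, `expr_is_constant(stmt->set.key)`, although only the inner `stmt->set.key->key` now goes through stmt_evaluate_arg(). If the wrapper's flags are filled in only when the set element expression itself is evaluated (not visible in this hunk), a constant key would slip past this check; consider `if (expr_is_constant(stmt->set.key->key))` while keeping `stmt->set.key` as the location passed to expr_error(). The same applies to the stmt_evaluate_map() hunk with `stmt->map.key`. Both functions start and end outside their hunks, so it cannot be confirmed from here that the key is always a set element expression before `->key` is dereferenced; a short comment stating that invariant, such as `/* key is always wrapped in EXPR_SET_ELEM by the parser */`, would help if it holds.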
@@ -2765,7 +2765,7 @@ static int stmt_evaluate_map(struct eval_ctx *ctx, struct stmt *stmt)
                              stmt->map.set->set->key->dtype,
                              stmt->map.set->set->key->len,
                              stmt->map.set->set->key->byteorder,
-                             &stmt->map.key) < 0)
+                             &stmt->map.key->key) < 0)
                return -1;
        if (expr_is_constant(stmt->map.key))
                return expr_error(ctx->msgs, stmt->map.key,