From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 30 Apr 2020 14:30:15 +0000 (+0200)
Subject: rule: fix element cache update in __do_add_setelems()
X-Git-Tag: v0.9.5~35
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e68938f2bf89fcc9a99e12c9b7a10c1838f2a133;p=thirdparty%2Fnftables.git

rule: fix element cache update in __do_add_setelems()

The set->init and expr arguments might actually refer to the same list
of elements. Skip set element cache update introduced by dd44081d91ce
("segtree: Fix add and delete of element in same batch") otherwise
list_splice_tail_init() actually operates with the same list as
arguments. Valgrind reports this problem as a memleak since the result
of this operation was an empty set element list.

Fixes: dd44081d91ce ("segtree: Fix add and delete of element in same batch")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/src/rule.c b/src/rule.c
index 9e80c025..23b1cbfc 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1564,7 +1564,7 @@ static int __do_add_setelems(struct netlink_ctx *ctx, struct set *set,
 		return -1;
 
 	if (!set_is_anonymous(set->flags) &&
-	    set->init != NULL &&
+	    set->init != NULL && set->init != expr &&
 	    set->flags & NFT_SET_INTERVAL &&
 	    set->desc.field_count <= 1) {
 		interval_map_decompose(expr);