From: Florian Westphal <fw@strlen.de>
Date: Fri, 8 Dec 2023 18:38:33 +0000 (+0100)
Subject: evaluate: fix bogus assertion failure with boolean datatype
X-Git-Tag: v1.0.6.1~287
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=eb4daa937dcce01938eb7ff0f5b2a06166ff5cfd;p=thirdparty%2Fnftables.git

evaluate: fix bogus assertion failure with boolean datatype

commit 567937b5560fbcc7f6b74fb43c52e1cab2ac425a upstream.

The assertion is too strict, as found by afl++:

typeof iifname . ip saddr . meta ipsec
elements = { "eth0" . 10.1.1.2 . 1 }

meta ipsec is boolean (1 bit), but datasize of 1 is set at 8 bit.

Fixes: 22b750aa6dc9 ("src: allow use of base integer types as set keys in concatenations")
Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/src/evaluate.c b/src/evaluate.c
index 849a92d1..669fc0e8 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -4452,14 +4452,15 @@ static int set_expr_evaluate_concat(struct eval_ctx *ctx, struct expr **expr)
 						 "expressions",
 						 i->dtype->name);
 
-		if (i->dtype->size)
-			assert(i->len == i->dtype->size);
-
 		flags &= i->flags;
 
 		ntype = concat_subtype_add(ntype, i->dtype->type);
 
 		dsize_bytes = div_round_up(i->len, BITS_PER_BYTE);
+
+		if (i->dtype->size)
+			assert(dsize_bytes == div_round_up(i->dtype->size, BITS_PER_BYTE));
+
 		(*expr)->field_len[(*expr)->field_count++] = dsize_bytes;
 		size += netlink_padded_len(i->len);
 	}