From fb3e048171fe09c347c43398a779180717818466 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Thu, 16 Oct 2025 16:59:35 +0200 Subject: [PATCH] src: parser_bison: prevent multiple ip daddr/saddr definitions minor change to the bogon makes it assert because symbolic expression will have wrong refcount (2) at scope teardown. Signed-off-by: Florian Westphal Reviewed-by: Fernando Fernandez Mancera --- src/parser_bison.y | 17 +++++++++++++++++ .../bogons/nft-f/tunnel_with_anon_set_assert | 1 + 2 files changed, 18 insertions(+) diff --git a/src/parser_bison.y b/src/parser_bison.y index b63c7df1..4e028d31 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -5070,21 +5070,38 @@ tunnel_config : ID NUM } | IP SADDR symbol_expr close_scope_ip { + if (already_set($0->tunnel.src, &@3, state)) { + expr_free($3); + YYERROR; + } + $0->tunnel.src = $3; datatype_set($3, &ipaddr_type); } | IP DADDR symbol_expr close_scope_ip { + if (already_set($0->tunnel.dst, &@3, state)) { + expr_free($3); + YYERROR; + } $0->tunnel.dst = $3; datatype_set($3, &ipaddr_type); } | IP6 SADDR symbol_expr close_scope_ip6 { + if (already_set($0->tunnel.src, &@3, state)) { + expr_free($3); + YYERROR; + } $0->tunnel.src = $3; datatype_set($3, &ip6addr_type); } | IP6 DADDR symbol_expr close_scope_ip6 { + if (already_set($0->tunnel.dst, &@3, state)) { + expr_free($3); + YYERROR; + } $0->tunnel.dst = $3; datatype_set($3, &ip6addr_type); } diff --git a/tests/shell/testcases/bogons/nft-f/tunnel_with_anon_set_assert b/tests/shell/testcases/bogons/nft-f/tunnel_with_anon_set_assert index 6f7b212a..d0256894 100644 --- a/tests/shell/testcases/bogons/nft-f/tunnel_with_anon_set_assert +++ b/tests/shell/testcases/bogons/nft-f/tunnel_with_anon_set_assert @@ -3,6 +3,7 @@ define s = { 1.2.3.4, 5.6.7.8 } table netdev x { tunnel t { ip saddr $s + ip saddr $s } } -- 2.47.3