git.ipfire.org Git - thirdparty/nftables.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Sun, 5 Nov 2023 17:33:14 +0000 (18:33 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 6 Nov 2023 11:16:07 +0000 (12:16 +0100)
commit	57f092a87fc4bc61e29cff31dfff976e1f2005ab
tree	38fd37b1c6dda9e82800ad57757cf7ba7bf0499c	tree
parent	d392ddf243dcbf8a34726c777d2c669b1e8bfa85	commit \| diff

evaluate: reset statement length context only for set mappings

map expression (which is used a key to look up for the mapping) needs to
consider the statement length context, otherwise incorrect bytecode is
generated when {ct,meta} statement is generated.

# nft -f - <<EOF
add table ip6 t
add chain ip6 t c
add map ip6 t mapv6 { typeof ip6 dscp : meta mark; }
EOF

# nft -d netlink add rule ip6 t c meta mark set ip6 dscp map @mapv6
ip6 t c
   [ payload load 2b @ network header + 0 => reg 1 ]
   [ bitwise reg 1 = ( reg 1 & 0x0000c00f ) ^ 0x00000000 ]
   ... missing byteorder conversion here before shift ...
   [ bitwise reg 1 = ( reg 1 >> 0x00000006 ) ]
   [ lookup reg 1 set mapv6 dreg 1 ]
   [ meta set mark with reg 1 ]

Reset statement length context only for the mapping side for the
elements in the set.

Fixes: edecd58755a8 ("evaluate: support shifts larger than the width of the left operand")
Reported-by: Brian Davidson <davidson.brian@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

src/evaluate.c		diff \| blob \| blame \| history
tests/py/ip6/ip6.t		diff \| blob \| blame \| history
tests/py/ip6/ip6.t.json		diff \| blob \| blame \| history
tests/py/ip6/ip6.t.payload.inet		diff \| blob \| blame \| history
tests/py/ip6/ip6.t.payload.ip6		diff \| blob \| blame \| history