netlink: fix bitmask element reconstruction

mpz_scan1() needs to begin scanning at bit 0 and the loop must accept
bit 0 as valid. No more bits were found when ULONG_MAX is returned.

Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index a511313ec8aa3314fa69c98b7948f791f720894b..66690255f9465cc8e5a852d989edd8e44ffe2810 100644 (file)
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -8,6 +8,7 @@
  * Development of this code funded by Astaro AG (http://www.astaro.com/)
  */
 
+#include <limits.h>
 #include <linux/netfilter/nf_tables.h>
 #include <netlink.h>
 #include <rule.h>
@@ -580,9 +581,7 @@ static void expr_postprocess(struct rule_pp_ctx *ctx,
                        expr_free(expr->right);
                        expr->right = list_expr_alloc(&expr->left->left->location);
                        n = 0;
-                       while ((n = mpz_scan1(expr->left->right->value, n + 1))) {
-                               if (n > expr->left->right->len)
-                                       break;
+                       while ((n = mpz_scan1(expr->left->right->value, n)) != ULONG_MAX) {
                                i = constant_expr_alloc(&expr->left->right->location,
                                                        expr->left->left->dtype,
                                                        expr->left->right->byteorder,
@@ -590,6 +589,7 @@ static void expr_postprocess(struct rule_pp_ctx *ctx,
                                mpz_set_ui(i->value, 1);
                                mpz_lshift_ui(i->value, n);
                                compound_expr_add(expr->right, i);
+                               n++;
                        }
                        expr->left = expr->left->left;
                        expr->op = OP_FLAGCMP;