expression: use expr_clone() from verdict_expr_clone()

Chains are now expressions, do not assume a constant value is used.

==26302== Process terminating with default action of signal 11 (SIGSEGV)
==26302==  Access not within mapped region at address 0x50
==26302==    at 0x67D7EE7: __gmpz_init_set (in /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2)
==26302==    by 0x4E61224: expr_clone (expression.c:65)
==26302==    by 0x4E7898B: interval_map_decompose (segtree.c:943)
==26302==    by 0x4E6DDA0: netlink_list_setelems (netlink.c:882)
==26302==    by 0x4E5A806: cache_init_objects (rule.c:166)
==26302==    by 0x4E5A806: cache_init (rule.c:216)
==26302==    by 0x4E5A806: cache_update (rule.c:266)
==26302==    by 0x4E7E0EE: nft_evaluate (libnftables.c:388)
==26302==    by 0x4E7E8AB: nft_run_cmd_from_buffer (libnftables.c:428)

Fixes: f1e8a129ee42 ("src: Introduce chain_expr in jump and goto statements")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/expression.c b/src/expression.c
index a41e2dafe9fc4a8cdf85fcb91f5069e463a498e7..ef694f2a194db5c2f86afa3a93e27f1e2350f6b2 100644 (file)
--- a/src/expression.c
+++ b/src/expression.c
@@ -217,7 +217,7 @@ static void verdict_expr_clone(struct expr *new, const struct expr *expr)
 {
        new->verdict = expr->verdict;
        if (expr->chain != NULL)
-               mpz_init_set(new->chain->value, expr->chain->value);
+               new->chain = expr_clone(expr->chain);
 }
 
 static void verdict_expr_destroy(struct expr *expr)