expression: provide clone operation for set element ops

define addrs={ 1.2.3.4 }
table ip filter {
	chain input {
		type filter hook input priority 0;
		ip saddr $addrs accept
	}
}

segfaults. Using saddr { 1.2.3.4 } instead of $addrs works.

Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801087
Tested-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/src/expression.c b/src/expression.c
index 3edc5501b362489babf6eb56d876b308075d9380..ab195e5f3eb8efebaa05b3e979ec33a143986124 100644 (file)
--- a/src/expression.c
+++ b/src/expression.c
@@ -907,9 +907,19 @@ static void set_elem_expr_destroy(struct expr *expr)
        expr_free(expr->key);
 }
 
+static void set_elem_expr_clone(struct expr *new, const struct expr *expr)
+{
+       new->key = expr_clone(expr->key);
+       new->expiration = expr->expiration;
+       new->timeout = expr->timeout;
+       if (expr->comment)
+               new->comment = xstrdup(expr->comment);
+}
+
 static const struct expr_ops set_elem_expr_ops = {
        .type           = EXPR_SET_ELEM,
        .name           = "set element",
+       .clone          = set_elem_expr_clone,
        .print          = set_elem_expr_print,
        .destroy        = set_elem_expr_destroy,
 };