From: Pablo Neira Ayuso Date: Thu, 22 Dec 2022 10:23:00 +0000 (+0100) Subject: evaluate: fix shift exponent underflow in concatenation evaluation X-Git-Tag: v1.0.7~58 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0fe79458cb5ae36d838f0e5a5dc5cc6f332cac03;p=thirdparty%2Fnftables.git evaluate: fix shift exponent underflow in concatenation evaluation There is an underflow of the index that iterates over the concatenation: ../include/datatype.h:292:15: runtime error: shift exponent 4294967290 is too large for 32-bit type 'unsigned int' set the datatype to invalid which is fine to evaluate a concatenation in a set/map statement. Update b8e1940aa190 ("tests: add a test case for map update from packet path with concat") so it does not need a workaround to work. Signed-off-by: Pablo Neira Ayuso --- diff --git a/src/evaluate.c b/src/evaluate.c index c04cb91d..70adb847 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1357,7 +1357,7 @@ static int expr_evaluate_concat(struct eval_ctx *ctx, struct expr **expr) dsize = key->len; bo = key->byteorder; off--; - } else if (dtype == NULL) { + } else if (dtype == NULL || off == 0) { tmp = datatype_lookup(TYPE_INVALID); } else { tmp = concat_subtype_lookup(type, --off); diff --git a/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft b/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft index d91b795f..a2c3c139 100644 --- a/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft +++ b/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft @@ -1,6 +1,6 @@ table ip foo { map pinned { - typeof ip daddr . tcp dport : ip daddr . tcp dport + typeof ip saddr . ct original proto-dst : ip daddr . tcp dport size 65535 flags dynamic,timeout timeout 6m diff --git a/tests/shell/testcases/maps/typeof_maps_concat_update_0 b/tests/shell/testcases/maps/typeof_maps_concat_update_0 index 645ae142..e996f14e 100755 --- a/tests/shell/testcases/maps/typeof_maps_concat_update_0 +++ b/tests/shell/testcases/maps/typeof_maps_concat_update_0 @@ -4,13 +4,13 @@ EXPECTED="table ip foo { map pinned { - typeof ip daddr . tcp dport : ip daddr . tcp dport + typeof ip saddr . ct original proto-dst : ip daddr . tcp dport size 65535 flags dynamic,timeout timeout 6m } chain pr { - meta l4proto tcp update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport } + update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport } } }"