diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-12-06 18:48:29 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-01-23 01:35:37 +0100 |
| commit | f17991d56c44cf308a6fdae088456c3a5dffd939 (patch) | |
| tree | c0547622cd6a11244586067641052e356cc02b4f /include/statement.h | |
| parent | 0e892ef0c47a242d10afcb1dd36d10132ffa150c (diff) | |
evaluate: reset statement length context before evaluating statement1.0.6.y
commit 8d3de823b622136e1d05a6fed11ff2dc0e804f8a upstream.
This patch consolidates ctx->stmt_len reset in stmt_evaluate() to avoid
this problem. Note that stmt_evaluate_meta() and stmt_evaluate_ct()
already reset it after the statement evaluation.
Moreover, statement dependency can be generated while evaluating a meta
and ct statement. Payload statement dependency already manually stashes
this before calling stmt_evaluate(). Add a new stmt_dependency_evaluate()
function to stash statement length context when evaluating a new statement
dependency and use it for all of the existing statement dependencies.
Florian also says:
'meta mark set vlan id map { 1 : 0x00000001, 4095 : 0x00004095 }' will
crash. Reason is that the l2 dependency generated here is errounously
expanded to a 32bit-one, so the evaluation path won't recognize this
as a L2 dependency. Therefore, pctx->stacked_ll_count is 0 and
__expr_evaluate_payload() crashes with a null deref when
dereferencing pctx->stacked_ll[0].
nft-test.py gains a fugly hack to tolerate '!map typeof vlan id : meta mark'.
For more generic support we should find something more acceptable, e.g.
!map typeof( everything here is a key or data ) timeout ...
tests/py update and assert(pctx->stacked_ll_count) by Florian Westphal.
Fixes: edecd58755a8 ("evaluate: support shifts larger than the width of the left operand")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'include/statement.h')
| -rw-r--r-- | include/statement.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/statement.h b/include/statement.h index e648fb13..f7b46f3d 100644 --- a/include/statement.h +++ b/include/statement.h @@ -406,6 +406,7 @@ struct stmt { extern struct stmt *stmt_alloc(const struct location *loc, const struct stmt_ops *ops); int stmt_evaluate(struct eval_ctx *ctx, struct stmt *stmt); +int stmt_dependency_evaluate(struct eval_ctx *ctx, struct stmt *stmt); extern void stmt_free(struct stmt *stmt); extern void stmt_list_free(struct list_head *list); extern void stmt_print(const struct stmt *stmt, struct output_ctx *octx); |