* [PATCH nft] segtree: release single element already contained in an interval
@ 2021-03-16 23:55 Pablo Neira Ayuso
0 siblings, 0 replies; only message in thread
From: Pablo Neira Ayuso @ 2021-03-16 23:55 UTC (permalink / raw)
To: netfilter-devel
Before this patch:
table ip x {
chain y {
ip saddr { 1.1.1.1-1.1.1.2, 1.1.1.1 }
}
}
results in:
table ip x {
chain y {
ip saddr { 1.1.1.1 }
}
}
due to incorrect interval merge logic.
If the element 1.1.1.1 is already contained in an existing interval
1.1.1.1-1.1.1.2, release it.
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1512
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
src/segtree.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/segtree.c b/src/segtree.c
index 9aa39e52d8a0..ad199355532e 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -210,6 +210,12 @@ static int ei_insert(struct list_head *msgs, struct seg_tree *tree,
ei = lei;
goto err;
}
+ /* single element contained in an existing interval */
+ if (mpz_cmp(new->left, new->right) == 0) {
+ ei_destroy(new);
+ goto out;
+ }
+
/*
* The new interval is entirely contained in the same interval,
* split it into two parts:
@@ -277,7 +283,7 @@ static int ei_insert(struct list_head *msgs, struct seg_tree *tree,
}
__ei_insert(tree, new);
-
+out:
mpz_clear(p);
return 0;
--
2.20.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-03-16 23:56 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-03-16 23:55 [PATCH nft] segtree: release single element already contained in an interval Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).