src: avoid errouneous assert with map+concat

Florian Westphal · Florian Westphal · commit 483e5ea7167e · 2018-03-27T11:36:58.000+02:00
Phil reported following assert:

add rule ip6 f o mark set ip6 saddr . ip6 daddr . tcp dport \
                        map { dead::beef . f00::. 22 : 1 }
nft: netlink_linearize.c:655: netlink_gen_expr: Assertion `dreg &lt; ctx-&gt;reg_low' failed.

This happens because "mark set" will allocate one register (the dreg),
but netlink_gen_concat_expr will populate a lot more register space if
the concat expression strings a lot of expressions together.

As the assert is useful pseudo-reserve the register space as per
concat-&gt;len and undo after generating the expressions.

Reported-by: Phil Sutter &lt;phil@nwl.cc&gt;
Signed-off-by: Florian Westphal &lt;fw@strlen.de&gt;
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
@@ -243,6 +243,7 @@ static void netlink_gen_map(struct netlink_linearize_ctx *ctx,
 {
 	struct nftnl_expr *nle;
 	enum nft_registers sreg;
+	int regspace = 0;
 
 	assert(expr->mappings->ops->type == EXPR_SET_REF);
 
@@ -251,7 +252,14 @@ static void netlink_gen_map(struct netlink_linearize_ctx *ctx,
 	else
 		sreg = dreg;
 
+	/* suppress assert in netlink_gen_expr */
+	if (expr->map->ops->type == EXPR_CONCAT) {
+		regspace = netlink_register_space(expr->map->len);
+		ctx->reg_low += regspace;
+	}
+
 	netlink_gen_expr(ctx, expr->map, sreg);
+	ctx->reg_low -= regspace;
 
 	nle = alloc_nft_expr("lookup");
 	netlink_put_register(nle, NFTNL_EXPR_LOOKUP_SREG, sreg);
