[PATCH 1/2] set: remove unused set_clone() function

[PATCH 1/2] set: remove unused set_clone() function

[Patrick McHardy]

The set_clone() function was added by the event monitor patchset and is
unused. It is also broken since it simply initializes the list head to
the list of the original set, so remove it.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 include/rule.h |  1 -
 src/rule.c     | 18 ------------------
 2 files changed, 19 deletions(-)

diff --git a/include/rule.h b/include/rule.h
index 0c52315..491411e 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -203,7 +203,6 @@ struct set {
 extern struct set *set_alloc(const struct location *loc);
 extern struct set *set_get(struct set *set);
 extern void set_free(struct set *set);
-extern struct set *set_clone(const struct set *set);
 extern void set_add_hash(struct set *set, struct table *table);
 extern struct set *set_lookup(const struct table *table, const char *name);
 extern struct set *set_lookup_global(uint32_t family, const char *table,
diff --git a/src/rule.c b/src/rule.c
index dd39e8a..feafe26 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -80,24 +80,6 @@ void set_free(struct set *set)
 	xfree(set);
 }
 
-struct set *set_clone(const struct set *set)
-{
-	struct set *newset = set_alloc(&set->location);
-
-	newset->list = set->list;
-	handle_merge(&newset->handle, &set->handle);
-	newset->flags = set->flags;
-	newset->keytype = set->keytype;
-	newset->keylen = set->keylen;
-	newset->datatype = set->datatype;
-	newset->datalen = set->datalen;
-	newset->init = expr_clone(set->init);
-	newset->policy = set->policy;
-	newset->desc.size = set->desc.size;
-
-	return newset;
-}
-
 void set_add_hash(struct set *set, struct table *table)
 {
 	list_add_tail(&set->list, &table->sets);
-- 
2.1.0

[PATCH 2/2] expr: fix crash when listing non-verdict mappings

[Patrick McHardy]

Fix regression introduced by commit 87c2a2205:

  netlink_delinearize: clone on netlink_get_register(), release previous on _set()

When using a non-verdict mapping, the set ref expression is assigned to the
destination register. The next get_register() will attempt to clone it and
crash because of the missing ->clone() callback.

# nft filter input meta mark set ip daddr map { 192.168.0.1 : 123 }
# nft list table filter
Segmentation fault (core dumped)

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 src/expression.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/expression.c b/src/expression.c
index 8ba2e8a..5b848da 100644
--- a/src/expression.c
+++ b/src/expression.c
@@ -858,6 +858,11 @@ static void set_ref_expr_print(const struct expr *expr)
 		printf("@%s", expr->set->handle.set);
 }
 
+static void set_ref_expr_clone(struct expr *new, const struct expr *expr)
+{
+	new->set = set_get(expr->set);
+}
+
 static void set_ref_expr_destroy(struct expr *expr)
 {
 	set_free(expr->set);
@@ -867,6 +872,7 @@ static const struct expr_ops set_ref_expr_ops = {
 	.type		= EXPR_SET_REF,
 	.name		= "set reference",
 	.print		= set_ref_expr_print,
+	.clone		= set_ref_expr_clone,
 	.destroy	= set_ref_expr_destroy,
 };
 
-- 
2.1.0