[PATCH] Yet another bug in NormalExpression's restrict()

Faidon Liambotis paravoid at debian.org
Mon Jul 6 02:55:19 UTC 2009


restrict() in NormalExpression seems not to have been thought out well.
It didn't work properly in anything but simple v4/v6 prefixes, probably
needs some serious rework.

This time, the bug is that it set the singleton_flag to PRFX/IPV6_PRFX
if it found a non-empty prefix list inside the term. It didn't account,
however, for terms containing a prefix list *and* something else (e.g.
a community) or for expressions containing multiple, different, terms.

Stop being that smart and just copy the singleton_flag from the
previous, non-restricted(?) normal expression.

This was broken and fixed:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
import:        from AS65000 accept {10.0.0.0/24, 10.1.0.0/24};
                 REFINE {
                   from   AS-ANY
                          accept community.contains(5408:120)
                                 AND {10.0.0.0/24};
                   from   AS-ANY accept ANY;
                 }
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

[this goes on top of my previous patch in the same function, re OR]
---
 src/normalform/NE.cc |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/normalform/NE.cc b/src/normalform/NE.cc
index d4911e5..7ced386 100644
--- a/src/normalform/NE.cc
+++ b/src/normalform/NE.cc
@@ -584,10 +584,12 @@ void NormalExpression::do_and(NormalExpression &other) {
 }
 
 void NormalExpression::restrict(FilterAFI *af) {
+   /* this wasn't thought out so well, needs serious rework */
 
    NormalTerm *term = new NormalTerm;
    NormalExpression *ne = new NormalExpression (*this);
    become_empty();
+   this->singleton_flag = ne->singleton_flag;
 
    for (term = ne->first(); term ; term = ne->next()) {
      if (term->prfx_set.universal() && term->ipv6_prfx_set.universal()) {
@@ -597,13 +599,11 @@ void NormalExpression::restrict(FilterAFI *af) {
        term->ipv6_prfx_set.restrict(af->afi_list);   
        if (! term->ipv6_prfx_set.isEmpty()) {
          *this += term;
-         this->singleton_flag = NormalTerm::IPV6_PRFX;
        }
      } else if (term->ipv6_prfx_set.universal()) {
        term->prfx_set.restrict(af->afi_list);   
        if (! term->prfx_set.isEmpty()) {
          *this += term;
-         this->singleton_flag = NormalTerm::PRFX;
        }
      }
    }
-- 
1.5.6.5




More information about the irrtoolset mailing list