<html>

    <head>

      <base href="https://bugzilla.netfilter.org/" />

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - EMLINK error for NFT_GOTO"

   href="https://bugzilla.netfilter.org/show_bug.cgi?id=1459">1459</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>EMLINK error for NFT_GOTO

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>nftables

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>unspecified

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>x86_64

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>All

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P5

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>kernel

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>pablo@netfilter.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>steve@opendium.com

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Created <span class=""><a href="attachment.cgi?id=605" name="attach_605" title="Don't increment pctx->level when following gotos">attachment 605</a> <a href="attachment.cgi?id=605&action=edit" title="Don't increment pctx->level when following gotos">[details]</a></span>

Don't increment pctx->level when following gotos

nft_immediate_validate() and nft_lookup_validate_setelem() treat NFT_GOTO and

NFT_JUMP identically, incrementing pctx->level for both.  This results in a

-EMLINK ("Too many links") being unexpectedly returned for rulesets that use

lots of gotos.

Having looked at other parts of the code, I can't see a reason for incrementing

the stack level for NFT_GOTO - it doesn't appear to use any real stack space.

The attached patch fixes this problem.

A couple of stylistic comments on the code, which I haven't attempted to fix:

1. ctx is passed as a const, but the constness is cast away, which isn't great

practice.

2. ctx->level is modified, even though ctx is passed as a const, and in the

case of an error the original value isn't restored.  I'm guessing that the

caller probably throws away ctx anyway, so this probably doesn't have any

real-world implications, other than the potential for future bugs introduced by

someone expecting const to mean const.</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are watching all bug changes.</li>

      </ul>

    </body>

</html>