[Bug 834] New: nft crash when invalid meta proto is used

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sat Jul 20 23:44:22 CEST 2013 

https://bugzilla.netfilter.org/show_bug.cgi?id=834

           Summary: nft crash when invalid meta proto is used
           Product: nftables
           Version: unspecified
          Platform: x86_64
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
        AssignedTo: pablo at netfilter.org
        ReportedBy: eric at regit.org
   Estimated Hours: 0.0


The following operation causes a crash:
 nft add rule ip6 filter input position 4  meta protocol icmpv6 accept

1035            switch ((*expr)->ops->type) {
(gdb) bt
#0  0x0000000000409225 in expr_evaluate (ctx=ctx at entry=0x7fffffffd8c0,
expr=expr at entry=0x639638) at src/evaluate.c:1035
#1  0x00000000004093ee in expr_evaluate_symbol (expr=0x639638,
ctx=0x7fffffffd8c0) at src/evaluate.c:216
#2  expr_evaluate (ctx=ctx at entry=0x7fffffffd8c0, expr=expr at entry=0x639638) at
src/evaluate.c:1037
#3  0x0000000000409b8f in expr_evaluate_relational (expr=0x6396a8,
ctx=0x7fffffffd8c0) at src/evaluate.c:854
#4  expr_evaluate (ctx=ctx at entry=0x7fffffffd8c0, expr=expr at entry=0x6396a8) at
src/evaluate.c:1068
#5  0x000000000040a962 in stmt_evaluate_expr (stmt=0x639660,
ctx=0x7fffffffd8c0) at src/evaluate.c:1077
#6  stmt_evaluate (ctx=ctx at entry=0x7fffffffe120, stmt=stmt at entry=0x639250) at
src/evaluate.c:1160
#7  0x000000000040aef8 in rule_evaluate (ctx=0x7fffffffe120, rule=0x6397d0) at
src/evaluate.c:1235
#8  0x000000000040b1c5 in cmd_evaluate_add (cmd=0x639860, ctx=0x7fffffffd8c0)
at src/evaluate.c:1292
#9  cmd_evaluate (cmd=0x639860, ctx=0x7fffffffd8c0) at src/evaluate.c:1335
#10 evaluate (ctx=ctx at entry=0x7fffffffd8c0,
commands=commands at entry=0x7fffffffdff0) at src/evaluate.c:1352
#11 0x0000000000404eed in nft_run (scanner=scanner at entry=0x6392a0,
state=state at entry=0x7fffffffda20, msgs=msgs at entry=0x7fffffffda10) at
src/main.c:162
#12 0x0000000000404ba3 in main (argc=12, argv=<optimized out>) at
src/main.c:288

The issue is linked with icmpv6 being used. WHen runn with debug=all option:

<cmdline>:1:52-57: Evaluate
add rule ip6 filter input position 4 meta protocol icmpv6 accept
                                                   ^^^^^^
$icmpv6

BUG: invalid input descriptor type 538976288
nft: src/erec.c:100: erec_print: Assertion `0' failed.
Abandon

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the netfilter-buglog mailing list