[Bug 1152] New: iptables-xml crashed on -D rules

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Mon May 29 18:14:11 CEST 2017


https://bugzilla.netfilter.org/show_bug.cgi?id=1152

            Bug ID: 1152
           Summary: iptables-xml crashed on -D rules
           Product: iptables
           Version: 1.4.x
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: unknown
          Assignee: netfilter-buglog at lists.netfilter.org
          Reporter: ivan.agarkov at gmail.com

[root at server ~]# cat /etc/iptables.post
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5103:1388026]
-D INPUT -p tcp --dport 2200 -j ACCEPT

[root at server ~]# gdb /usr/bin/iptables-xml 
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/sbin/xtables-multi...Reading symbols from
/usr/lib/debug/usr/sbin/xtables-multi.debug...done.
done.
(gdb) run < /etc/iptables.post
Starting program: /usr/bin/iptables-xml < /etc/iptables.post
<iptables-rules version="1.0">
<!-- # Managed by puppet -->
  <table name="filter" >

Program received signal SIGSEGV, Segmentation fault.
__strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:165
165        movdqu    (%rsi), %xmm2
(gdb) bt
#0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:165
#1  0x00000000004041f8 in needChain (chain=0x0) at iptables-xml.c:276
#2  iptables_xml_main (argc=<optimized out>, argv=<optimized out>) at
iptables-xml.c:848
#3  0x00007ffff711eb35 in __libc_start_main (main=0x403200 <main>, argc=1,
ubp_av=0x7fffffffe2a8, init=<optimized out>, 
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe298)
at ../csu/libc-start.c:274
#4  0x0000000000403233 in _start ()

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170529/3e4a193f/attachment.html>


More information about the netfilter-buglog mailing list