[Bug 1354] New: cat foo.nft | nft -f - produces syntax error not seen with nft -f foo.nft

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sun Jul 21 11:17:41 CEST 2019


https://bugzilla.netfilter.org/show_bug.cgi?id=1354

            Bug ID: 1354
           Summary: cat foo.nft | nft -f - produces syntax error not seen
                    with nft -f foo.nft
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: Debian GNU/Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: jonas at zombofant.net

Created attachment 565
  --> https://bugzilla.netfilter.org/attachment.cgi?id=565&action=edit
File reproducing the issue

root is not needed to reproduce this.

How to reproduce:

1. Download the attached file
2. Execute cat foo.nft | nft -f -
3. Execute nft -f foo.nft

I expect both commands to behave exactly the same, given that the inputs are
exactly the same (just delivered through a different mechanism).

However, cat foo.nft | nft -f - produces an error message:

/dev/stdin:819:5-10: Error: syntax error, unexpected string

nft -f foo.nft works.

I dug further into this with other examples, and it looks to me as if -f - eats
single bytes from the input before they reach the parser. I don't have an
example at hand which reproduces this though.

(The example file is obviously contrived to reproduce the bug.)

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190721/8a87612b/attachment.html>


More information about the netfilter-buglog mailing list