[Bug 1365] nft crashes in chain_print_declaration()

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sun Sep 15 23:11:48 CEST 2019


--- Comment #1 from Sergei Trofimovich <slyfox at inbox.ru> ---
If I add the following asserts to nftables:

--- a/src/rule.c
+++ b/src/rule.c
@@ -1107,6 +1107,8 @@ static void chain_print_declaration(const struct chain
         nft_print(octx, " # handle %" PRIu64, chain->handle.handle.id);
     nft_print(octx, "\n");
     if (chain->flags & CHAIN_F_BASECHAIN) {
+        assert(chain);
+        assert(chain->policy);
         mpz_export_data(&policy, chain->policy->value,
                 BYTEORDER_HOST_ENDIAN, sizeof(int));
         nft_print(octx, "\t\ttype %s hook %s", chain->type,

those crash as:

$ nft -c -f ./nft.ruleset
table inet filter {
    chain prerouting {
nft: ../../../nftables/src/rule.c:1111: chain_print_declaration: Assertion
`chain->policy' failed.

You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190915/8a69facc/attachment.html>

More information about the netfilter-buglog mailing list