[Bug 1444] New: nftables-0.9.6 crashes on some set notations:

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sun Jul 19 13:08:07 CEST 2020 

https://bugzilla.netfilter.org/show_bug.cgi?id=1444

            Bug ID: 1444
           Summary: nftables-0.9.6 crashes on some set notations:
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: slyfox at inbox.ru

Small reproducer:

$ cat a.nft
    flush ruleset

    table inet filter {
        chain foo {
            udp dport { 53 } counter accept
        }
    }

    list ruleset

$ ./src/nft -c -f a.nft
table inet filter {
        chain foo {
                meta l4proto udp udp dport Segmentation fault (core dumped)

$ gdb --quiet
/tmp/portage/net-firewall/nftables-0.9.6/work/nftables-0.9.6/src/.libs/nft
core.80359
Reading symbols from
/tmp/portage/net-firewall/nftables-0.9.6/work/nftables-0.9.6/src/.libs/nft...
[New LWP 80359]
Core was generated by
`/tmp/portage/net-firewall/nftables-0.9.6/work/nftables-0.9.6/src/.libs/nft -c
-'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f30cec3bfe2 in expr_ops (e=0x0) at expression.c:1366
1366            return __expr_ops_by_type(e->etype);
(gdb) bt
#0  0x00007f30cec3bfe2 in expr_ops (e=0x0) at expression.c:1366
#1  0x00007f30cec393a8 in expr_print (expr=0x0, octx=0x55637f6e52c0) at
expression.c:101
#2  0x00007f30cec3b84f in set_ref_expr_print (expr=0x55637f6eb980,
octx=0x55637f6e52c0) at expression.c:1195
#3  0x00007f30cec393d1 in expr_print (expr=0x55637f6eb980, octx=0x55637f6e52c0)
at expression.c:104
#4  0x00007f30cec3a5d4 in binop_arg_print (op=0x55637f6ebb50,
arg=0x55637f6eb980, octx=0x55637f6e52c0) at expression.c:612
#5  0x00007f30cec3a72c in binop_expr_print (expr=0x55637f6ebb50,
octx=0x55637f6e52c0) at expression.c:637
#6  0x00007f30cec393d1 in expr_print (expr=0x55637f6ebb50, octx=0x55637f6e52c0)
at expression.c:104
#7  0x00007f30cec334e0 in expr_stmt_print (stmt=0x55637f6ebbe0,
octx=0x55637f6e52c0) at statement.c:72
#8  0x00007f30cec2c5db in rule_print (rule=0x55637f6ebe10, octx=0x55637f6e52c0)
at rule.c:655
#9  0x00007f30cec2dac0 in chain_print (chain=0x55637f6eb630,
octx=0x55637f6e52c0) at rule.c:1221
#10 0x00007f30cec2e50e in table_print (table=0x55637f6eb3d0,
octx=0x55637f6e52c0) at rule.c:1387
#11 0x00007f30cec2f981 in do_list_table (ctx=0x7fff2a98d110,
cmd=0x55637f6ec290, table=0x55637f6eb3d0) at rule.c:1770
#12 0x00007f30cec31ce3 in do_list_ruleset (ctx=0x7fff2a98d110,
cmd=0x55637f6ec290) at rule.c:2405
#13 0x00007f30cec32289 in do_command_list (ctx=0x7fff2a98d110,
cmd=0x55637f6ec290) at rule.c:2527
#14 0x00007f30cec32bc4 in do_command (ctx=0x7fff2a98d110, cmd=0x55637f6ec290)
at rule.c:2753
#15 0x00007f30cec6faf5 in nft_netlink (nft=0x55637f6e52a0, cmds=0x7fff2a98d1c0,
msgs=0x7fff2a98d1b0, nf_sock=0x55637f6e5f30) at libnftables.c:42
#16 0x00007f30cec70c81 in nft_run_cmd_from_filename (nft=0x55637f6e52a0,
filename=0x7fff2a98eb59 "a.nft") at libnftables.c:512
#17 0x000055637e892f41 in main (argc=4, argv=0x7fff2a98d348) at main.c:459

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200719/890d3bb1/attachment-0001.html>

More information about the netfilter-buglog mailing list