[Bug 868] New: Null pointer segfault in netlink code
bugzilla-daemon at netfilter.org
Thu Oct 24 20:42:58 CEST 2013
https://bugzilla.netfilter.org/show_bug.cgi?id=868
Summary: Null pointer segfault in netlink code
Product: nftables
Version: unspecified
Platform: x86_64
OS/Version: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: nft
AssignedTo: pablo at netfilter.org
ReportedBy: john at sager.me.uk
Estimated Hours: 0.0
In returning set information, the kernel omits the FLAGS attribute if it is
zero (nf_tables_fill_set() in nf_tables_api.c). Consequently, calls to
nft_set_attr_get_u32() in netlink.c fail because that routine (in libnftables)
dereferences a null pointer returned by nft_set_attr_get(). I fixed it in nft
by calling nft_set_attr_is_set() to test for the attribute's existence. It
could also be fixed in the kernel by unconditionally sending the FLAGS
attribute even if it is zero. Also, it might be worth putting some more error
checking for missing attributes (do any others get conditionally left out?).
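Added example, not part of the original bug report and not nft or libnftables code: a small C model of the failure described above, where an attribute the sender omits is absent on the receiver, the generic getter returns NULL for it, and the typed getter checks for that before dereferencing. All `demo_` names, the one-byte type/length framing and the two sample messages are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical model: names and wire layout are constructed, not libnftables'. */
enum { DEMO_ATTR_NAME, DEMO_ATTR_FLAGS, DEMO_ATTR_MAX };
struct demo_set { uint32_t present; char name[16]; uint32_t flags; };

/* Constructed messages, [type:1][len:1][payload]; the second omits FLAGS (zero). */
const uint8_t demo_msg_flags[]   = { 0, 5, 's', 'e', 't', '1', 0, 1, 4, 0, 0, 0, 3 };
const uint8_t demo_msg_noflags[] = { 0, 5, 's', 'e', 't', '2', 0 };

/* Receiver: an attribute is marked present only if it was in the message. */
int demo_parse_set(struct demo_set *s, const uint8_t *buf, size_t len)
{
    memset(s, 0, sizeof(*s));
    for (size_t off = 0; off < len; ) {
        if (len - off < 2) return -1;                 /* truncated header */
        uint8_t type = buf[off], alen = buf[off + 1];
        const uint8_t *p = buf + off + 2;
        if (alen > len - off - 2) return -1;          /* truncated payload */
        if (type == DEMO_ATTR_NAME && alen >= 1 && alen <= sizeof(s->name)
            && p[alen - 1] == '\0')
            memcpy(s->name, p, alen);
        else if (type == DEMO_ATTR_FLAGS && alen == 4)
            s->flags = (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
        else
            return -1;                                /* unknown or malformed */
        s->present |= 1u << type;
        off += 2 + (size_t)alen;
    }
    return 0;
}

/* Generic getter: returns NULL for an attribute that was never received. */
const void *demo_attr_get(const struct demo_set *s, unsigned attr)
{
    if (attr >= DEMO_ATTR_MAX || !(s->present & (1u << attr)))
        return NULL;
    return attr == DEMO_ATTR_NAME ? (const void *)s->name : (const void *)&s->flags;
}

/* Guarded typed getter: an absent FLAGS reads as 0 rather than *NULL. */
uint32_t demo_get_flags(const struct demo_set *s)
{
    const uint32_t *p = demo_attr_get(s, DEMO_ATTR_FLAGS);
    return p ? *p : 0;
}
```

Parsing `demo_msg_noflags` leaves the FLAGS bit clear, so `demo_attr_get()` returns NULL and only the guarded getter is safe to call; an unguarded `*(const uint32_t *)demo_attr_get(...)` is the crash pattern from the report.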