[Bug 1754] __list_add SIGSEGV fault

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Tue Jun 11 07:41:29 CEST 2024


https://bugzilla.netfilter.org/show_bug.cgi?id=1754

--- Comment #3 from Egbert S <s.egbert at sbcglobal.net> ---
Back to the original 12 identical 'blackhole' variant of passing-syntaxes.nft:

Further variable dump up the stack at the nft_cmd_collapse() shows '*expr' had
the 'prev = 0'

(gdb) p *expr
$20 = {list = {next = 0x55555557e488, prev = 0x0}, location = {indesc =
0x55555555cd70, {{token_offset = 0x2540, line_offset = 0x251a, first_line =
0xce, last_line = 0xce, first_column = 0x1c, last_column = 0x26}, {nle =
0x2540}}}, refcnt = 0x1, flags = 0x0, dtype = 0x7ffff7f846e0 <invalid_type>,
byteorder = BYTEORDER_INVALID, etype = EXPR_SET_ELEM, op = OP_INVALID, len =
0x0, cmd = 0x55555557eca0, {{scope = 0x55555557e940, identifier = 0x0, symtype
= SYMBOL_VALUE}, {sym = 0x55555557e940}, {verdict = 0x5557e940, chain = 0x0,
chain_id = 0x0}, {value = {{_mp_alloc = 0x5557e940, _mp_size = 0x5555, _mp_d =
0x0}}}, {prefix = 0x55555557e940, prefix_len = 0x0}, {expressions = {next =
0x55555557e940, prev = 0x0}, size = 0x0, set_flags = 0x0, field_len =
"\000\000\000\000\000\000\000\000x\352WUUU\000", field_count = 0x78}, {set =
0x55555557e940}, {key = 0x55555557e940, timeout = 0x0, expiration = 0x0,
comment = 0x0, stmt_list = {next = 0x55555557ea78, prev = 0x55555557ea78},
elem_flags = 0x0}, {arg = 0x55555557e940}, {left = 0x55555557e940, right =
0x0}, {map = 0x55555557e940, mappings = 0x0}, payload = {desc = 0x55555557e940,
tmpl = 0x0, base = PROTO_BASE_INVALID, offset = 0x0, is_raw = 0x0, evaluated =
0x0}, exthdr = {desc = 0x55555557e940, tmpl = 0x0, offset = 0x0, raw_type =
0x0, op = NFT_EXTHDR_OP_IPV6, flags = 0x0}, meta = {key = 1431824704, base =
21845}, socket = {key = 1431824704, level = 0x5555}, rt = {key = 1431824704},
ct = {key = 1431824704, base = 21845, direction = 0x0, nfproto = 0x0}, numgen =
{type = (unknown: 0x5557e940), mod = 0x5555, offset = 0x0}, hash = {expr =
0x55555557e940, mod = 0x0, seed_set = 0x0, seed = 0x0, offset = 0x0, type =
NFT_HASH_JENKINS}, fib = {flags = 0x5557e940, result = 0x5555}, xfrm = {key =
1431824704, direction = 0x55, spnum = 0x55}, osf = {ttl = 0x40, flags =
0x5555}, flagcmp = {expr = 0x55555557e940, mask = 0x0, value = 0x0}}}

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240611/e69ed5eb/attachment.html>


More information about the netfilter-buglog mailing list