FS#64755 - [iptables-nft] segfaults on restore with certain input
Attached to Project:
Arch Linux
Opened by Jason A. Donenfeld (zx2c4) - Friday, 06 December 2019, 17:34 GMT
Last edited by freswa (frederik) - Wednesday, 12 February 2020, 11:24 GMT
Details
Here's a minimal reproducer:
printf '*filter\nCOMMIT\n*raw\nCOMMIT\n*mangle\nCOMMIT\n' | sudo iptables-nft-restore -n

Here's a backtrace:

(gdb) run -n /root/blah
Starting program: /usr/bin/iptables-restore -n /root/blah

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f98cc9 in nftnl_table_list_free () from /usr/lib/libnftnl.so.11
(gdb) bt
#0 0x00007ffff7f98cc9 in nftnl_table_list_free () from /usr/lib/libnftnl.so.11
#1 0x0000555555564546 in ?? ()
#2 0x0000555555567f21 in ?? ()
#3 0x000055555556082a in ?? ()
#4 0x0000555555561063 in ?? ()
#5 0x00007ffff7dd9153 in __libc_start_main () from /usr/lib/libc.so.6
#6 0x000055555555c07e in ?? ()
Closed by freswa (frederik)
Wednesday, 12 February 2020, 11:24 GMT
Reason for closing: Fixed
Additional comments about closing: 1:1.8.4-1
Comment by Philip Müller (philm) - Friday, 17 January 2020, 10:28 GMT
See here:
https://bugzilla.netfilter.org/show_bug.cgi?id=1394
For now only a downgrade to 1.8.3 can act as a workaround. The regression was introduced with 1.8.4.

Comment by Michel Koss (MichelKoss1) - Friday, 31 January 2020, 18:02 GMT
@philm this bug report was opened against 1.8.3. 1.8.4 fixes the reproducer presented here. The bug you link to is a different issue.