* [PATCH nft 1/2] parser_bison: missing initialization of ct timeout policy list
@ 2021-07-22 16:52 Pablo Neira Ayuso
  2021-07-22 16:52 ` [PATCH nft 2/2] parser_json: unconditionally initialize ct timeout list Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Pablo Neira Ayuso @ 2021-07-22 16:52 UTC (permalink / raw)
  To: netfilter-devel

rule.c:1715:3: runtime error: member access within null pointer of type 'struct timeout_state'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==29500==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f5bfd43c2a4 bp 0x7ffcb82f13b0 sp 0x7ffcb82f1360 T0)
==29500==The signal is caused by a READ memory access.
==29500==Hint: address points to the zero page.
    #0 0x7f5bfd43c2a3 in obj_free /home/test/nftables/src/rule.c:1715
    #1 0x7f5bfd43875d in cmd_free /home/test/nftables/src/rule.c:1447
    #2 0x7f5bfd58e6f2 in nft_run_cmd_from_filename /home/test/nftables/src/libnftables.c:628
    #3 0x5645c48762b1 in main /home/test/nftables/src/main.c:512
    #4 0x7f5bfc0eb09a in __libc_start_main ../csu/libc-start.c:308
    #5 0x5645c4873459 in _start (/home/test/nftables/src/.libs/nft+0x9459)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/test/nftables/src/rule.c:1715 in obj_free
==29500==ABORTING

Fixes: 7a0e26723496 ("rule: memleak of list of timeout policies")
Signed-off-by: Pablo Neira Ayuso <test@netfilter.org>
---
 src/parser_bison.y | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/parser_bison.y b/src/parser_bison.y
index 790cd832b742..5545a43d160e 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -1313,6 +1313,8 @@ delete_cmd		:	TABLE		table_or_id_spec
 			|	CT	ct_obj_type	obj_spec	ct_obj_alloc	close_scope_ct
 			{
 				$$ = cmd_alloc_obj_ct(CMD_DELETE, $2, &$3, &@$, $4);
+				if ($2 == NFT_OBJECT_CT_TIMEOUT)
+					init_list_head(&$4->ct_timeout.timeout_list);
 			}
 			|	LIMIT		obj_or_id_spec	close_scope_limit
 			{
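Review bot: the new init_list_head() call runs after $4 has already been handed to cmd_alloc_obj_ct(), so for the span of that call the cmd refers to an object whose timeout_list is still zero-filled; placing the two added lines before the `$$ = cmd_alloc_obj_ct(CMD_DELETE, $2, &$3, &@$, $4);` line, or inside the ct_obj_alloc production so that any other rule built on that production also gets an initialized list, avoids relying on cmd_alloc_obj_ct() never touching the list. A one-line comment on why the `$2 == NFT_OBJECT_CT_TIMEOUT` guard is needed (the ct_timeout member is only meaningful for that object type) would also help the next reader of this rule.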
-- 
2.20.1


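The crash in the trace above, reproduced as an added example in C. This is not nftables code: `struct obj`, `struct timeout_state`, `obj_free()`, `obj_alloc()` and the list helpers are hand-written stand-ins named after the real ones, and `list_head_is_initialized()` is a hypothetical defensive check that the project does not have. The point it shows is that a zero-filled list head has `next == NULL`, so the first step of any walk reads the zero page, while `init_list_head()` makes the head self-referential and the walk terminates immediately on an empty list.

```c
/* Added example, not nftables code: a minimal intrusive list in the style
 * nftables uses, showing why a zero-filled timeout_list head crashes the
 * free path and how init_list_head() prevents it. Struct and function
 * names mirror the trace but are stand-ins, not the real definitions. */
#include <stddef.h>
#include <stdlib.h>

struct list_head { struct list_head *next, *prev; };

static void init_list_head(struct list_head *h) { h->next = h->prev = h; }

static void list_add_tail(struct list_head *n, struct list_head *h)
{
	n->prev = h->prev; n->next = h;
	h->prev->next = n; h->prev = n;
}

static void list_del(struct list_head *n)
{
	n->prev->next = n->next; n->next->prev = n->prev;
	n->next = n->prev = NULL;
}

#define container_of(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))

/* Hypothetical stand-ins for nftables' struct timeout_state / struct obj. */
struct timeout_state { struct list_head head; unsigned int timeout; };
struct obj { struct list_head timeout_list; };

/* A calloc()'d head has next == prev == NULL. It is neither empty nor
 * valid: a walk starting at head->next dereferences address 0, which is
 * the "address points to the zero page" hint in the ASan report. This
 * check is the hypothetical guard, not something nftables does. */
static int list_head_is_initialized(const struct list_head *h)
{
	return h->next != NULL && h->prev != NULL;
}

/* init = 0 models the pre-patch delete path, init = 1 the fixed one. */
static struct obj *obj_alloc(int init)
{
	struct obj *obj = calloc(1, sizeof(*obj));

	if (obj && init)
		init_list_head(&obj->timeout_list);
	return obj;
}

static int add_timeout(struct obj *obj, unsigned int seconds)
{
	struct timeout_state *ts = calloc(1, sizeof(*ts));

	if (!ts)
		return -1;
	ts->timeout = seconds;
	list_add_tail(&ts->head, &obj->timeout_list);
	return 0;
}

/* Releases the object and its timeout entries. Returns the number of
 * entries freed, or -1 when the head was never initialized, turning the
 * NULL dereference from the trace into a reportable error. */
static int obj_free(struct obj *obj)
{
	struct list_head *pos, *n;
	int released = 0;

	if (!list_head_is_initialized(&obj->timeout_list)) {
		free(obj);
		return -1;
	}
	for (pos = obj->timeout_list.next; pos != &obj->timeout_list; pos = n) {
		struct timeout_state *ts = container_of(pos, struct timeout_state, head);

		n = pos->next;
		list_del(pos);
		free(ts);
		released++;
	}
	free(obj);
	return released;
}

/* Fixed path: two policy entries are added and released cleanly. */
static int demo_initialized(void)
{
	struct obj *obj = obj_alloc(1);

	add_timeout(obj, 30);
	add_timeout(obj, 120);
	return obj_free(obj);		/* 2 */
}

/* Pre-patch path: obj_free() sees the zero-filled head and refuses to walk it. */
static int demo_zeroed(void)
{
	return obj_free(obj_alloc(0));	/* -1 */
}

int main(void)
{
	return (demo_initialized() == 2 && demo_zeroed() == -1) ? 0 : 1;
}
```

The object in the trace reaches `obj_free()` with a head that was never set up, and an allocator that leaves it NULL-filled is exactly what the zero-page hint indicates; the patch's fix is to run `init_list_head()` before the object can reach `obj_free()`, and the check in this example only exists to show that the uninitialized state is detectable, not to replace the initialization.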

* [PATCH nft 2/2] parser_json: unconditionally initialize ct timeout list
  2021-07-22 16:52 [PATCH nft 1/2] parser_bison: missing initialization of ct timeout policy list Pablo Neira Ayuso
@ 2021-07-22 16:52 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2021-07-22 16:52 UTC (permalink / raw)
  To: netfilter-devel

The policy is optional, make sure this timeout list is initialized.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/parser_json.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/parser_json.c b/src/parser_json.c
index e03b51697cb7..666aa2fcc9ec 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -3204,7 +3204,6 @@ static int json_parse_ct_timeout_policy(struct json_ctx *ctx,
 		return 1;
 	}
 
-	init_list_head(&obj->ct_timeout.timeout_list);
 	json_object_foreach(tmp, key, val) {
 		struct timeout_state *ts;
 
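Review bot: with the init_list_head() call removed, json_parse_ct_timeout_policy() now relies on its caller having initialized obj->ct_timeout.timeout_list before the json_object_foreach loop adds entries to it; that precondition should be stated in a comment at the top of the function, because a future caller that reaches this loop with a zero-filled obj will hit the same NULL dereference this series fixes.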
@@ -3351,6 +3350,7 @@ static struct cmd *json_parse_cmd_add_object(struct json_ctx *ctx,
 		}
 		obj->ct_helper.l3proto = l3proto;
 
+		init_list_head(&obj->ct_timeout.timeout_list);
 		if (json_parse_ct_timeout_policy(ctx, root, obj)) {
 			obj_free(obj);
 			return NULL;
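Review bot: placing init_list_head() directly before the json_parse_ct_timeout_policy() call is the minimum that makes the obj_free(obj) in its failure path safe, but any error return earlier in this branch that also frees obj would still walk an uninitialized list; initializing the list as soon as obj is allocated (or at the top of the NFT_OBJECT_CT_TIMEOUT branch) would cover every exit path rather than only this one.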
-- 
2.20.1


