netfilter buglog - Jul 2016 - [Bug 1079] New: nft-0.6: segfault on add rule ip filter INPUT ip protocol igmp counter accept

https://bugzilla.netfilter.org/show_bug.cgi?id=1079

            Bug ID: 1079
           Summary: nft-0.6: segfault on add rule ip filter INPUT ip
                    protocol igmp counter accept
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: nvinson234 at gmail.com

This is based on Gentoo bug #588192.  The bug report claims the issue
doesn't
exist in v0.5.  I have confirmed this is true.  A git bisect session seems to
indicate that the issue may be with commit
20b1131c07acd2fc71803be592430f0e06c4090e.

I've included the GDB session output below.

Starting program: /sbin/nft add rule ip filter INPUT ip protocol igmp counter
accept

Program received signal SIGSEGV, Segmentation fault.
0x0000000000417136 in payload_expr_pctx_update (ctx=0x7fffffffe748,
expr=0x6767f0) at payload.c:88
88        assert(desc->base <= PROTO_BASE_MAX);
#0  0x0000000000417136 in payload_expr_pctx_update (ctx=0x7fffffffe748,
expr=0x6767f0) at payload.c:88
#1  0x0000000000413453 in expr_evaluate_relational (ctx=0x7fffffffe708,
expr=0x6768c8) at evaluate.c:1436
#2  0x0000000000413a26 in expr_evaluate (ctx=0x7fffffffe708, expr=0x6768c8) at
evaluate.c:1584
#3  0x0000000000413a84 in stmt_evaluate_expr (ctx=0x7fffffffe708,
stmt=0x676880) at evaluate.c:1593
#4  0x0000000000415289 in stmt_evaluate (ctx=0x7fffffffe708, stmt=0x676880) at
evaluate.c:2290
#5  0x0000000000415b94 in rule_evaluate (ctx=0x7fffffffe708, rule=0x676a60) at
evaluate.c:2470
#6  0x000000000041622b in cmd_evaluate_add (ctx=0x7fffffffe708, cmd=0x676b50)
at evaluate.c:2614
#7  0x0000000000416a0b in cmd_evaluate (ctx=0x7fffffffe708, cmd=0x676b50) at
evaluate.c:2857
#8  0x000000000043a3d6 in nft_parse (scanner=0x6764c0, state=0x7fffffffe120) at
parser_bison.y:672
#9  0x0000000000405d15 in nft_run (scanner=0x6764c0, state=0x7fffffffe120,
msgs=0x7fffffffe110) at main.c:231
#10 0x000000000040622a in main (argc=11, argv=0x7fffffffe928) at main.c:361

steps to reproduce:
1. nft create table ip filter INPUT
2. nft create chain ip filter INPUT \{ type filGenter hook input priority 0\;
policy drop \; \}
3. nft add rule ip filter INPUT ip protocol igmp counter accept

Expected Results:
A new rule to allow igmp messages.

Actual Results:
Segmentation fault

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160710/606babeb/attachment.html>

https://bugzilla.netfilter.org/show_bug.cgi?id=1079

--- Comment #1 from nvinson234 at gmail.com ---
I had some more time to work with this issue.  I can't reproduce with
master.
Therefore, the issue is probably already fixed.  I'll leave this bug open
for a
second opinion just in case I missed something.

Thanks.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160710/030d09bd/attachment.html>

https://bugzilla.netfilter.org/show_bug.cgi?id=1079

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED

--- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Yes, this is fixed by:

http://git.netfilter.org/nftables/commit/?id=3503738f77cdbe521da1054a37f59ac2e442b4cf

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160711/c3ec753d/attachment.html>