bugzilla-daemon at netfilter.org
2017-May-29 16:14 UTC
[Bug 1152] New: iptables-xml crashed on -D rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Bug ID: 1152 Summary: iptables-xml crashed on -D rules Product: iptables Version: 1.4.x Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: unknown Assignee: netfilter-buglog at lists.netfilter.org Reporter: ivan.agarkov at gmail.com [root at server ~]# cat /etc/iptables.post *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [5103:1388026] -D INPUT -p tcp --dport 2200 -j ACCEPT [root at server ~]# gdb /usr/bin/iptables-xml GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/sbin/xtables-multi...Reading symbols from /usr/lib/debug/usr/sbin/xtables-multi.debug...done. done. (gdb) run < /etc/iptables.post Starting program: /usr/bin/iptables-xml < /etc/iptables.post <iptables-rules version="1.0"> <!-- # Managed by puppet --> <table name="filter" > Program received signal SIGSEGV, Segmentation fault. __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:165 165 movdqu (%rsi), %xmm2 (gdb) bt #0 __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse42.S:165 #1 0x00000000004041f8 in needChain (chain=0x0) at iptables-xml.c:276 #2 iptables_xml_main (argc=<optimized out>, argv=<optimized out>) at iptables-xml.c:848 #3 0x00007ffff711eb35 in __libc_start_main (main=0x403200 <main>, argc=1, ubp_av=0x7fffffffe2a8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe298) at ../csu/libc-start.c:274 #4 0x0000000000403233 in _start () -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170529/3e4a193f/attachment.html>
bugzilla-daemon at netfilter.org
2017-May-29 16:15 UTC
[Bug 1152] iptables-xml crashed on -D rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Ivan Agarkov <ivan.agarkov at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- OS|All |RedHat Linux Hardware|All |x86_64 -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170529/bedb9756/attachment.html>
bugzilla-daemon at netfilter.org
2017-May-29 16:15 UTC
[Bug 1152] iptables-xml crashes on -D rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Ivan Agarkov <ivan.agarkov at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|iptables-xml crashed on -D |iptables-xml crashes on -D |rules |rules -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170529/c2866b02/attachment.html>
bugzilla-daemon at netfilter.org
2017-Jun-01 15:28 UTC
[Bug 1152] iptables-xml crashes on -D rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Oliver Ford <ojford at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ojford at gmail.com Assignee|netfilter-buglog at lists.netf |ojford at gmail.com |ilter.org | Status|NEW |ASSIGNED -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170601/2c348b55/attachment.html>
bugzilla-daemon at netfilter.org
2017-Jun-02 10:44 UTC
[Bug 1152] iptables-xml crashes on -D rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 --- Comment #1 from Oliver Ford <ojford at gmail.com> --- This particular issue was fixed by commit f53b78e423d82b0c71c076480f52edeb5eaec5f8 and included in the 1.6.0 release. However, there are other ways to cause a segfault. Including a jump without a target segfaults, e.g.: *filter -A INPUT -p tcp --dport 2200 -j I will add a check for this malformed jump and look for any other ways to cause a crash. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170602/be9f820b/attachment.html>
bugzilla-daemon at netfilter.org
2017-Jun-02 10:45 UTC
[Bug 1152] iptables-xml crashes on malformed input
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Oliver Ford <ojford at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|iptables-xml crashes on -D |iptables-xml crashes on |rules |malformed input -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170602/65daf527/attachment.html>
bugzilla-daemon at netfilter.org
2017-Jun-02 11:05 UTC
[Bug 1152] iptables-xml crashes on malformed input
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Florian Westphal <fw at strlen.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fw at strlen.de --- Comment #2 from Florian Westphal <fw at strlen.de> --- What would be great would be to hook up all netfilter projects (iptables, nftables, libnftnl, libmnl, etc etc) with oss-fuzz project. It would require some effort though to provide fuzz targets in all our projects: https://github.com/google/oss-fuzz/blob/master/docs/ideal_integration.md -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170602/96875df4/attachment.html>
bugzilla-daemon at netfilter.org
2017-Jun-02 15:35 UTC
[Bug 1152] iptables-xml crashes on malformed input
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 --- Comment #3 from Oliver Ford <ojford at gmail.com> --- I've sent a patch for the jump without target segfault. I'll look in to adding iptables to oss-fuzz as a starting point. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170602/bddc2feb/attachment.html>
bugzilla-daemon at netfilter.org
2017-Jun-20 09:38 UTC
[Bug 1152] iptables-xml crashes on malformed input
https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Oliver Ford <ojford at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution|--- |FIXED --- Comment #4 from Oliver Ford <ojford at gmail.com> --- The two segfaults already mentioned have been fixed, and I can't find any more in iptables-xml. So I'll resolve this bug and we can track fuzz testing separately. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170620/53d42923/attachment.html>
Reasonably Related Threads
- [Bug 1085] New: No warning for weird interface characters if interface contains wildcard character
- [Bug 905] New: Please support passing a filename to iptables-save
- [Bug 961] New: Can not remove rules with the default --mask parameter (-m recent)
- [Bug 1131] New: iptables-restore crashes on some fuzzed input
- [Bug 989] New: Deprecated function gethostbyaddr used in xtables