bugzilla-daemon at netfilter.org
2020-Feb-01 22:26 UTC
[Bug 1403] New: Timeout object with invalid time unit crashes nft
https://bugzilla.netfilter.org/show_bug.cgi?id=1403
Bug ID: 1403
Summary: Timeout object with invalid time unit crashes nft
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: kfm at plushkava.net
Saving the following to a file then testing with nft -c -f causes a
segmentation fault.
table ip filter {
ct timeout mytimeout {
protocol tcp;
policy = { established: 2h }
}
}
As I quickly realised, "h" cannot be specified as a unit of time here.
Still,
it should not crash. I can reproduce this in both Arch and Gentoo Linux with
the latest formal releases of nftables and its supporting libraries. Let me
know if not reproducible on your side; I shall provide more details in that
case.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200201/4d9f3005/attachment.html>
bugzilla-daemon at netfilter.org
2020-Apr-15 22:02 UTC
[Bug 1403] Timeout object with invalid time unit crashes nft
https://bugzilla.netfilter.org/show_bug.cgi?id=1403
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Parser is buggy, patch to fix this available here:
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20200415220114.585390-1-pablo
at netfilter.org/
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200415/43432547/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jul-22 15:42 UTC
[Bug 1403] Timeout object with invalid time unit crashes nft
https://bugzilla.netfilter.org/show_bug.cgi?id=1403
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Available upstream since 0.9.6, closing. Thanks for reporting
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200722/f4105b7f/attachment-0001.html>
Possibly Parallel Threads
- [Bug 1406] New: nft dies with an assertion of consumed > 0
- [Bug 1391] New: iptables-nft-restore --test can segfault
- [Bug 1254] New: nft commandline tool can't parse negative priority values.
- [Bug 1424] New: v0.9.0: segfault when using nft -f <file> and issuing "ruleset flush" twice
- [Bug 1100] New: Support 'nft flush set'