netfilter buglog - Nov 2023 - [Bug 1723] New: ebtables-nft help output woes

https://bugzilla.netfilter.org/show_bug.cgi?id=1723

            Bug ID: 1723
           Summary: ebtables-nft help output woes
           Product: ebtables
           Version: unspecified
          Hardware: x86_64
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ebtables-nft
          Assignee: pablo at netfilter.org
          Reporter: phil at nwl.cc

The list of extensions returned from 'ebtables-nft -h list_extensions'
is more
than incomplete:

| # ebtables -h list_extensions                 
| ebtables v1.8.10 (nf_tables)
| Loaded userspace extensions:
| 
| Loaded targets:
| nflog
| log
| 
| Loaded matches:

Listing most extensions does not work:

| # ebtables -h 802_3          
| ebtables v1.8.10 (nf_tables): Extension '802_3' not found
| Try `ebtables -h' or 'ebtables --help' for more information.

Those that work, cause double free at program exit:

| # ebtables -h nflog          
| ebtables 1.8.10 (nf_tables)
| [...]
| nflog options:
| --nflog               : use the default nflog parameters
| --nflog-prefix prefix : Prefix string for log message
| --nflog-group group   : NETLINK group used for logging
| --nflog-range range   : Number of byte to copy
| --nflog-threshold     : Message threshold ofin-kernel queue
| free(): double free detected in tcache 2
| zsh: IOT instruction  sudo ../../../install/sbin/ebtables -h nflog

It is caused by nft_fini() freeing 'target->t' in xtables_targets
list which
apparently has been freed already by ebt_cs_clean(). Maybe the
xtables_find_target() call is bad?

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20231110/d42e038c/attachment.html>