| Message ID | 20180529141644.25978-1-fw@strlen.de |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | [nft] tests: shell: add crash reproducer | expand |
diff --git a/tests/shell/testcases/cache/0001_cache_handling_0 b/tests/shell/testcases/cache/0001_cache_handling_0 index 20c19117033d..77afdf8d9072 100755 --- a/tests/shell/testcases/cache/0001_cache_handling_0 +++ b/tests/shell/testcases/cache/0001_cache_handling_0 @@ -16,6 +16,10 @@ table inet test { set -e $NFT -f - <<< $RULESET +TMP=$(mktemp) +echo "$RULESET" >> "$TMP" +$NFT "flush ruleset;include \"$TMP\"" +rm -f "$TMP" rule_handle=$($NFT list ruleset -a | awk '/saddr/{print $NF}') $NFT delete rule inet test test handle $rule_handle $NFT delete set inet test test
Two reports point to a crash in nft when 'flush' is provided on existing ruleset. In that case, nft will crash with a null-ptr dereference. "evaluate: do not inconditionally update cache from flush command" causes the commit to fail due to a cache inconsistency, we then trip over NULL location->indesc. Cause of 2nd bug not known yet, not sure how to fix cache issue either, so only adding reproducer so this can be fixed later. Without erec bug, the (errnoeous) error message would be Could not process rule: File exists Reported-by: Oleksandr Natalenko <oleksandr@natalenko.name> Reported-by: Timothy Redaelli <tredaelli@redhat.com> Signed-off-by: Florian Westphal <fw@strlen.de> --- tests/shell/testcases/cache/0001_cache_handling_0 | 4 ++++ 1 file changed, 4 insertions(+)