| Message ID | 20200509093601.14671-1-pablo@netfilter.org |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | [nft,v2] mnl: fix error rule reporting with missing table/chain and anonymous sets | expand |
diff --git a/src/evaluate.c b/src/evaluate.c index de5f60ec1f4d..a057be5e553a 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -101,6 +101,7 @@ static struct expr *implicit_set_declaration(struct eval_ctx *ctx, handle_merge(&set->handle, &ctx->cmd->handle); memset(&h, 0, sizeof(h)); handle_merge(&h, &set->handle); + h.set.location = expr->location; cmd = cmd_alloc(CMD_ADD, CMD_OBJ_SET, &h, &expr->location, set); cmd->location = set->location; list_add_tail(&cmd->list, &ctx->cmd->list);
handle_merge() skips handle location initialization because set name != NULL. Program received signal SIGSEGV, Segmentation fault. 0x00007ffff7f64f1e in erec_print (octx=0x55555555d2c0, erec=0x55555555fcf0, debug_mask=0) at erec.c:95 95 switch (indesc->type) { (gdb) bt buf=0x55555555db20 "add rule inet traffic-filter input tcp dport { 22, 80, 443 } accept") at libnftables.c:459 (gdb) p indesc $1 = (const struct input_descriptor *) 0x0 Closes: http://bugzilla.opensuse.org/show_bug.cgi?id=1171321 Fixes: 086ec6f30c96 ("mnl: extended error support for create command") Reported-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- v2: Fix this from evaluation phas which does not initialize location. src/evaluate.c | 1 + 1 file changed, 1 insertion(+)