mbox series

[nft,0/7] A bunch of JSON printer/parser fixes

Message ID 20240309113527.8723-1-phil@nwl.cc
Headers show
Series A bunch of JSON printer/parser fixes | expand

Message

Phil Sutter March 9, 2024, 11:35 a.m. UTC 
Fix the following flaws in JSON input/output code:

* Patch 3:
  Wrong ordering of 'nft -j list ruleset' preventing a following restore
  of the dump. Code assumed dumping objects before chains was fine in
  all cases, when actually verdict maps may reference chains already.
  Dump like nft_cmd_expand() does when expanding nested syntax for
  kernel submission (chains first, objects second, finally rules).

* Patch 5:
  Maps may contain concatenated "targets". Both printer and parser were
  entirely ignorant of that fact.

* Patch 6:
  Synproxy objects were "mostly" supported, some hooks missing to
  cover for named ones.

Patch 4 applies the new ordering to all stored json-nft dumps. Patch 7
adds new dumps which are now parseable given the fixes above.

Patches 1 and 2 are fallout fixes to initially make the whole shell
testsuite pass on my testing system.

Bugs still present after this series:

* Nested chains remain entirely unsupported
* Maps specifying interval "targets" (i.e., set->data->flags contains
  EXPR_F_INTERVAL bit) will be printed like regular ones and the parser
  then rejects them.

Phil Sutter (7):
  tests: shell: maps/named_ct_objects: Fix for recent kernel
  tests: shell: packetpath/flowtables: Avoid spurious EPERM
  json: Order output like nft_cmd_expand()
  tests: shell: Regenerate all json-nft dumps
  json: Support maps with concatenated data
  parser: json: Support for synproxy objects
  tests: shell: Add missing json-nft dumps

 src/json.c                                    |  18 +-
 src/parser_json.c                             |  35 +-
 .../dumps/0001_cache_handling_0.json-nft      |  16 +-
 .../dumps/0005_cache_chain_flush.json-nft     |  28 +-
 .../dumps/0006_cache_table_flush.json-nft     |  28 +-
 .../dumps/0011endless_jump_loop_1.json-nft    |  75 +++
 .../comments/dumps/comments_0.json-nft        |  16 +-
 .../flowtable/dumps/0001flowtable_0.json-nft  |  16 +-
 .../dumps/0005delete_in_use_1.json-nft        |  16 +-
 .../dumps/0014addafterdelete_0.json-nft       |  22 +-
 .../json/dumps/0001set_statements_0.json-nft  |  24 +-
 .../json/dumps/0005secmark_objref_0.json-nft  |  18 +-
 .../listing/dumps/0013objects_0.json-nft      |  16 +-
 .../dumps/0021ruleset_json_terse_0.json-nft   |  16 +-
 .../listing/dumps/0022terse_0.json-nft        |  24 +-
 .../dumps/0007named_ifname_dtype_0.json-nft   |  16 +-
 .../dumps/0008interval_map_delete_0.json-nft  |  24 +-
 .../maps/dumps/0010concat_map_0.json-nft      | 106 ++++
 .../testcases/maps/dumps/0011vmap_0.json-nft  | 145 +++++
 .../testcases/maps/dumps/0012map_0.json-nft   |  16 +-
 .../maps/dumps/0012map_concat_0.json-nft      |  24 +-
 .../testcases/maps/dumps/0013map_0.json-nft   |  24 +-
 .../maps/dumps/0024named_objects_0.json-nft   | 165 ++++++
 .../maps/dumps/anon_objmap_concat.json-nft    |  24 +-
 .../dumps/map_catchall_double_free_2.json-nft |  46 ++
 .../testcases/maps/dumps/named_ct_objects.nft |   4 +-
 .../maps/dumps/named_limits.json-nft          |  24 +-
 .../maps/dumps/named_snat_map_0.json-nft      |  16 +-
 .../maps/dumps/pipapo_double_flush.json-nft   |  16 +-
 .../dumps/typeof_maps_add_delete.json-nft     |  40 +-
 .../maps/dumps/typeof_maps_update_0.json-nft  |  32 +-
 .../maps/dumps/vmap_mark_bitwise_0.json-nft   | 158 +++++
 .../maps/dumps/vmap_timeout.json-nft          | 229 ++++++++
 tests/shell/testcases/maps/named_ct_objects   |   2 -
 .../nft-f/dumps/0002rollback_rule_0.json-nft  |  22 +-
 .../nft-f/dumps/0003rollback_jump_0.json-nft  |  22 +-
 .../nft-f/dumps/0004rollback_set_0.json-nft   |  22 +-
 .../nft-f/dumps/0005rollback_map_0.json-nft   |  22 +-
 .../nft-f/dumps/0017ct_timeout_obj_0.json-nft |  16 +-
 .../dumps/0018ct_expectation_obj_0.json-nft   |  16 +-
 .../nft-f/dumps/0022variables_0.json-nft      |  24 +-
 .../nft-f/dumps/0029split_file_0.json-nft     |  18 +-
 .../nft-f/dumps/0032pknock_0.json-nft         |  24 +-
 .../optimizations/dumps/merge_vmaps.json-nft  |  26 +-
 .../optimizations/dumps/skip_merge.json-nft   |  32 +-
 .../dumps/skip_unsupported.json-nft           |  16 +-
 .../dumps/comments_objects_0.json-nft         | 102 ++++
 .../owner/dumps/0002-persist.json-nft         |  19 +
 .../testcases/owner/dumps/0002-persist.nft    |   3 +
 .../packetpath/dumps/set_lookups.json-nft     |  24 +-
 tests/shell/testcases/packetpath/flowtables   |   6 +-
 .../dumps/0011reset_0.json-nft                |  32 +-
 .../sets/dumps/0001named_interval_0.json-nft  |  16 +-
 .../dumps/0008create_verdict_map_0.json-nft   |  78 +++
 .../dumps/0022type_selective_flush_0.json-nft |  16 +-
 .../sets/dumps/0024synproxy_0.json-nft        | 131 +++++
 .../sets/dumps/0026named_limit_0.json-nft     |  22 +-
 .../sets/dumps/0028autoselect_0.json-nft      |  24 +-
 .../0037_set_with_inet_service_0.json-nft     |  24 +-
 .../sets/dumps/0038meter_list_0.json-nft      |  16 +-
 .../sets/dumps/0042update_set_0.json-nft      |  16 +-
 .../dumps/0043concatenated_ranges_0.json-nft  |  24 +-
 .../dumps/0045concat_ipv4_service.json-nft    |  16 +-
 .../sets/dumps/0048set_counters_0.json-nft    |  24 +-
 .../sets/dumps/0049set_define_0.json-nft      |  24 +-
 .../dumps/0051set_interval_counter_0.json-nft |  24 +-
 .../dumps/0058_setupdate_timeout_0.json-nft   |  16 +-
 .../dumps/0059set_update_multistmt_0.json-nft |  24 +-
 .../sets/dumps/0060set_multistmt_0.json-nft   |  24 +-
 .../sets/dumps/0060set_multistmt_1.json-nft   |  24 +-
 .../sets/dumps/0064map_catchall_0.json-nft    |  16 +-
 .../0071unclosed_prefix_interval_0.json-nft   |  16 +-
 .../sets/dumps/dynset_missing.json-nft        |  24 +-
 .../testcases/sets/dumps/inner_0.json-nft     |  16 +-
 .../testcases/sets/dumps/set_eval_0.json-nft  |  24 +-
 .../sets/dumps/sets_with_ifnames.json-nft     | 551 ++++++++++++++++++
 .../sets/dumps/type_set_symbol.json-nft       |  32 +-
 .../transactions/dumps/0040set_0.json-nft     |  20 +-
 78 files changed, 2490 insertions(+), 677 deletions(-)
 create mode 100644 tests/shell/testcases/chains/dumps/0011endless_jump_loop_1.json-nft
 create mode 100644 tests/shell/testcases/maps/dumps/0010concat_map_0.json-nft
 create mode 100644 tests/shell/testcases/maps/dumps/0011vmap_0.json-nft
 create mode 100644 tests/shell/testcases/maps/dumps/0024named_objects_0.json-nft
 create mode 100644 tests/shell/testcases/maps/dumps/map_catchall_double_free_2.json-nft
 create mode 100644 tests/shell/testcases/maps/dumps/vmap_mark_bitwise_0.json-nft
 create mode 100644 tests/shell/testcases/maps/dumps/vmap_timeout.json-nft
 create mode 100644 tests/shell/testcases/optionals/dumps/comments_objects_0.json-nft
 create mode 100644 tests/shell/testcases/owner/dumps/0002-persist.json-nft
 create mode 100644 tests/shell/testcases/owner/dumps/0002-persist.nft
 create mode 100644 tests/shell/testcases/sets/dumps/0008create_verdict_map_0.json-nft
 create mode 100644 tests/shell/testcases/sets/dumps/0024synproxy_0.json-nft
 create mode 100644 tests/shell/testcases/sets/dumps/sets_with_ifnames.json-nft

Comments

Phil Sutter March 19, 2024, 5:26 p.m. UTC | #1 
On Sat, Mar 09, 2024 at 12:35:20PM +0100, Phil Sutter wrote:
> Fix the following flaws in JSON input/output code:
> 
> * Patch 3:
>   Wrong ordering of 'nft -j list ruleset' preventing a following restore
>   of the dump. Code assumed dumping objects before chains was fine in
>   all cases, when actually verdict maps may reference chains already.
>   Dump like nft_cmd_expand() does when expanding nested syntax for
>   kernel submission (chains first, objects second, finally rules).
> 
> * Patch 5:
>   Maps may contain concatenated "targets". Both printer and parser were
>   entirely ignorant of that fact.
> 
> * Patch 6:
>   Synproxy objects were "mostly" supported, some hooks missing to
>   cover for named ones.
> 
> Patch 4 applies the new ordering to all stored json-nft dumps. Patch 7
> adds new dumps which are now parseable given the fixes above.
> 
> Patches 1 and 2 are fallout fixes to initially make the whole shell
> testsuite pass on my testing system.
> 
> Bugs still present after this series:
> 
> * Nested chains remain entirely unsupported
> * Maps specifying interval "targets" (i.e., set->data->flags contains
>   EXPR_F_INTERVAL bit) will be printed like regular ones and the parser
>   then rejects them.
> 
> Phil Sutter (7):
>   tests: shell: maps/named_ct_objects: Fix for recent kernel
>   tests: shell: packetpath/flowtables: Avoid spurious EPERM
>   json: Order output like nft_cmd_expand()
>   tests: shell: Regenerate all json-nft dumps
>   json: Support maps with concatenated data
>   parser: json: Support for synproxy objects
>   tests: shell: Add missing json-nft dumps

Series applied after dropping patch 1 and rebasing onto current HEAD.
Pablo Neira Ayuso April 24, 2024, 8:06 p.m. UTC | #2 
Hi Phil,

On Sat, Mar 09, 2024 at 12:35:20PM +0100, Phil Sutter wrote:
> Fix the following flaws in JSON input/output code:
> 
> * Patch 3:
>   Wrong ordering of 'nft -j list ruleset' preventing a following restore
>   of the dump. Code assumed dumping objects before chains was fine in
>   all cases, when actually verdict maps may reference chains already.
>   Dump like nft_cmd_expand() does when expanding nested syntax for
>   kernel submission (chains first, objects second, finally rules).
> 
> * Patch 5:
>   Maps may contain concatenated "targets". Both printer and parser were
>   entirely ignorant of that fact.
> 
> * Patch 6:
>   Synproxy objects were "mostly" supported, some hooks missing to
>   cover for named ones.
> 
> Patch 4 applies the new ordering to all stored json-nft dumps. Patch 7
> adds new dumps which are now parseable given the fixes above.
> 
> Patches 1 and 2 are fallout fixes to initially make the whole shell
> testsuite pass on my testing system.
> 
> Bugs still present after this series:
> 
> * Nested chains remain entirely unsupported
> * Maps specifying interval "targets" (i.e., set->data->flags contains
>   EXPR_F_INTERVAL bit) will be printed like regular ones and the parser
>   then rejects them.

I am seeing memleaks when running tests after this series, please see
attachment for reference.

Thanks.
Command `./../../src/nft -j list ruleset` failed
>>>>

=================================================================
==84914==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
    #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #8 0x7fad73aaff68 in expr_print_json src/json.c:53
    #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #11 0x7fad73ab3410 in rule_print_json src/json.c:248
    #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #16 0x7fad73a90f1d in do_command src/rule.c:2624
    #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #19 0x55c43466d377 in main src/main.c:533
    #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
    #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #7 0x7fad73ab3410 in rule_print_json src/json.c:248
    #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #12 0x7fad73a90f1d in do_command src/rule.c:2624
    #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #15 0x55c43466d377 in main src/main.c:533
    #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
    #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #7 0x7fad73ab3410 in rule_print_json src/json.c:248
    #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #12 0x7fad73a90f1d in do_command src/rule.c:2624
    #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #15 0x55c43466d377 in main src/main.c:533
    #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
    #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #8 0x7fad73aaff68 in expr_print_json src/json.c:53
    #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #11 0x7fad73ab3410 in rule_print_json src/json.c:248
    #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #16 0x7fad73a90f1d in do_command src/rule.c:2624
    #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #19 0x55c43466d377 in main src/main.c:533
    #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 256 byte(s) in 2 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74bdeaac  (/lib/x86_64-linux-gnu/libjansson.so.4+0x3aac)
    #2 0x7ffd4687548f  ([stack]+0x1c48f)

Indirect leak of 250 byte(s) in 4 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74bdecda  (/lib/x86_64-linux-gnu/libjansson.so.4+0x3cda)

Indirect leak of 144 byte(s) in 2 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be396b in json_object (/lib/x86_64-linux-gnu/libjansson.so.4+0x896b)
    #2 0x7ffd4687548f  ([stack]+0x1c48f)

Indirect leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74bdeaac  (/lib/x86_64-linux-gnu/libjansson.so.4+0x3aac)
    #2 0x7ffd46875a9f  ([stack]+0x1ca9f)

Indirect leak of 72 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be396b in json_object (/lib/x86_64-linux-gnu/libjansson.so.4+0x896b)
    #2 0x7ffd46875a9f  ([stack]+0x1ca9f)

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
    #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #8 0x7fad73aaff68 in expr_print_json src/json.c:53
    #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #11 0x7fad73ab3410 in rule_print_json src/json.c:248
    #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #16 0x7fad73a90f1d in do_command src/rule.c:2624
    #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #19 0x55c43466d377 in main src/main.c:533
    #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
    #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #8 0x7fad73aaff68 in expr_print_json src/json.c:53
    #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #11 0x7fad73ab3410 in rule_print_json src/json.c:248
    #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #16 0x7fad73a90f1d in do_command src/rule.c:2624
    #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #19 0x55c43466d377 in main src/main.c:533
    #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
    #2 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #3 0x7fad73aaff68 in expr_print_json src/json.c:53
    #4 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #5 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #6 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #7 0x7fad73aaff68 in expr_print_json src/json.c:53
    #8 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #9 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #10 0x7fad73ab3410 in rule_print_json src/json.c:248
    #11 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #12 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #13 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #14 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #15 0x7fad73a90f1d in do_command src/rule.c:2624
    #16 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #17 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #18 0x55c43466d377 in main src/main.c:533
    #19 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
    #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #7 0x7fad73ab3410 in rule_print_json src/json.c:248
    #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #12 0x7fad73a90f1d in do_command src/rule.c:2624
    #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #15 0x55c43466d377 in main src/main.c:533
    #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
    #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
    #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #7 0x7fad73ab3410 in rule_print_json src/json.c:248
    #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #12 0x7fad73a90f1d in do_command src/rule.c:2624
    #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #15 0x55c43466d377 in main src/main.c:533
    #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 64 byte(s) in 2 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3ed4 in json_stringn_nocheck (/lib/x86_64-linux-gnu/libjansson.so.4+0x8ed4)

Indirect leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
    #2 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #3 0x7fad73aaff68 in expr_print_json src/json.c:53
    #4 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #5 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #6 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #7 0x7fad73aaff68 in expr_print_json src/json.c:53
    #8 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #9 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #10 0x7fad73ab3410 in rule_print_json src/json.c:248
    #11 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #12 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #13 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #14 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #15 0x7fad73a90f1d in do_command src/rule.c:2624
    #16 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #17 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #18 0x55c43466d377 in main src/main.c:533
    #19 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be431d in json_integer (/lib/x86_64-linux-gnu/libjansson.so.4+0x931d)
    #2 0x7fad73abe8dc in datatype_json src/json.c:975
    #3 0x7fad73abf15a in constant_expr_json src/json.c:1003
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #6 0x7fad73ab8483 in __binop_expr_json src/json.c:550
    #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #8 0x7fad73aaff68 in expr_print_json src/json.c:53
    #9 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #10 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
    #11 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #12 0x7fad73aaff68 in expr_print_json src/json.c:53
    #13 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #14 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #15 0x7fad73ab3410 in rule_print_json src/json.c:248
    #16 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #17 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #18 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #19 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #20 0x7fad73a90f1d in do_command src/rule.c:2624
    #21 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #22 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #23 0x55c43466d377 in main src/main.c:533
    #24 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be431d in json_integer (/lib/x86_64-linux-gnu/libjansson.so.4+0x931d)
    #2 0x7fad73abe8dc in datatype_json src/json.c:975
    #3 0x7fad73abf15a in constant_expr_json src/json.c:1003
    #4 0x7fad73aaff68 in expr_print_json src/json.c:53
    #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
    #6 0x7fad73ab8483 in __binop_expr_json src/json.c:550
    #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
    #8 0x7fad73aaff68 in expr_print_json src/json.c:53
    #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
    #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
    #11 0x7fad73ab3410 in rule_print_json src/json.c:248
    #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
    #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
    #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
    #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
    #16 0x7fad73a90f1d in do_command src/rule.c:2624
    #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
    #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
    #19 0x55c43466d377 in main src/main.c:533
    #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 8 byte(s) in 2 object(s) allocated from:
    #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x7fad74be0fb4  (/lib/x86_64-linux-gnu/libjansson.so.4+0x5fb4)

SUMMARY: AddressSanitizer: 1490 byte(s) leaked in 26 allocation(s).
<<<<
Pablo Neira Ayuso April 24, 2024, 8:08 p.m. UTC | #3 
On Wed, Apr 24, 2024 at 10:06:14PM +0200, Pablo Neira Ayuso wrote:
> Hi Phil,
> 
> On Sat, Mar 09, 2024 at 12:35:20PM +0100, Phil Sutter wrote:
> > Fix the following flaws in JSON input/output code:
> > 
> > * Patch 3:
> >   Wrong ordering of 'nft -j list ruleset' preventing a following restore
> >   of the dump. Code assumed dumping objects before chains was fine in
> >   all cases, when actually verdict maps may reference chains already.
> >   Dump like nft_cmd_expand() does when expanding nested syntax for
> >   kernel submission (chains first, objects second, finally rules).
> > 
> > * Patch 5:
> >   Maps may contain concatenated "targets". Both printer and parser were
> >   entirely ignorant of that fact.
> > 
> > * Patch 6:
> >   Synproxy objects were "mostly" supported, some hooks missing to
> >   cover for named ones.
> > 
> > Patch 4 applies the new ordering to all stored json-nft dumps. Patch 7
> > adds new dumps which are now parseable given the fixes above.
> > 
> > Patches 1 and 2 are fallout fixes to initially make the whole shell
> > testsuite pass on my testing system.
> > 
> > Bugs still present after this series:
> > 
> > * Nested chains remain entirely unsupported
> > * Maps specifying interval "targets" (i.e., set->data->flags contains
> >   EXPR_F_INTERVAL bit) will be printed like regular ones and the parser
> >   then rejects them.
> 
> I am seeing memleaks when running tests after this series, please see
> attachment for reference.

It could actually be related to:

0ac39384fd9e json: Accept more than two operands in binary expressions

I did not bisect yet.

> Command `./../../src/nft -j list ruleset` failed
> >>>>
> 
> =================================================================
> ==84914==ERROR: LeakSanitizer: detected memory leaks
> 
> Direct leak of 40 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
>     #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #8 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #11 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #16 0x7fad73a90f1d in do_command src/rule.c:2624
>     #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #19 0x55c43466d377 in main src/main.c:533
>     #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Direct leak of 40 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
>     #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #7 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #12 0x7fad73a90f1d in do_command src/rule.c:2624
>     #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #15 0x55c43466d377 in main src/main.c:533
>     #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Direct leak of 40 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
>     #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #7 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #12 0x7fad73a90f1d in do_command src/rule.c:2624
>     #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #15 0x55c43466d377 in main src/main.c:533
>     #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Direct leak of 40 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
>     #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #8 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #11 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #16 0x7fad73a90f1d in do_command src/rule.c:2624
>     #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #19 0x55c43466d377 in main src/main.c:533
>     #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 256 byte(s) in 2 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74bdeaac  (/lib/x86_64-linux-gnu/libjansson.so.4+0x3aac)
>     #2 0x7ffd4687548f  ([stack]+0x1c48f)
> 
> Indirect leak of 250 byte(s) in 4 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74bdecda  (/lib/x86_64-linux-gnu/libjansson.so.4+0x3cda)
> 
> Indirect leak of 144 byte(s) in 2 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be396b in json_object (/lib/x86_64-linux-gnu/libjansson.so.4+0x896b)
>     #2 0x7ffd4687548f  ([stack]+0x1c48f)
> 
> Indirect leak of 128 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74bdeaac  (/lib/x86_64-linux-gnu/libjansson.so.4+0x3aac)
>     #2 0x7ffd46875a9f  ([stack]+0x1ca9f)
> 
> Indirect leak of 72 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be396b in json_object (/lib/x86_64-linux-gnu/libjansson.so.4+0x896b)
>     #2 0x7ffd46875a9f  ([stack]+0x1ca9f)
> 
> Indirect leak of 64 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
>     #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #8 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #11 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #16 0x7fad73a90f1d in do_command src/rule.c:2624
>     #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #19 0x55c43466d377 in main src/main.c:533
>     #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 64 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
>     #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #6 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #8 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #11 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #16 0x7fad73a90f1d in do_command src/rule.c:2624
>     #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #19 0x55c43466d377 in main src/main.c:533
>     #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 64 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
>     #2 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #3 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #4 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #5 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #6 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #7 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #8 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #9 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #10 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #11 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #12 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #13 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #14 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #15 0x7fad73a90f1d in do_command src/rule.c:2624
>     #16 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #17 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #18 0x55c43466d377 in main src/main.c:533
>     #19 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 64 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
>     #2 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #7 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #12 0x7fad73a90f1d in do_command src/rule.c:2624
>     #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #15 0x55c43466d377 in main src/main.c:533
>     #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 64 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c6b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c6b)
>     #2 0x7fad73ab8483 in __binop_expr_json src/json.c:550
>     #3 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #6 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #7 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #8 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #9 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #10 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #11 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #12 0x7fad73a90f1d in do_command src/rule.c:2624
>     #13 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #14 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #15 0x55c43466d377 in main src/main.c:533
>     #16 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 64 byte(s) in 2 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3ed4 in json_stringn_nocheck (/lib/x86_64-linux-gnu/libjansson.so.4+0x8ed4)
> 
> Indirect leak of 40 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be3c3b in json_array (/lib/x86_64-linux-gnu/libjansson.so.4+0x8c3b)
>     #2 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #3 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #4 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #5 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #6 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #7 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #8 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #9 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #10 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #11 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #12 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #13 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #14 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #15 0x7fad73a90f1d in do_command src/rule.c:2624
>     #16 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #17 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #18 0x55c43466d377 in main src/main.c:533
>     #19 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 24 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be431d in json_integer (/lib/x86_64-linux-gnu/libjansson.so.4+0x931d)
>     #2 0x7fad73abe8dc in datatype_json src/json.c:975
>     #3 0x7fad73abf15a in constant_expr_json src/json.c:1003
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #6 0x7fad73ab8483 in __binop_expr_json src/json.c:550
>     #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #8 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #9 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #10 0x7fad73ab83e7 in __binop_expr_json src/json.c:549
>     #11 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #12 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #13 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #14 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #15 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #16 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #17 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #18 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #19 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #20 0x7fad73a90f1d in do_command src/rule.c:2624
>     #21 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #22 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #23 0x55c43466d377 in main src/main.c:533
>     #24 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 24 byte(s) in 1 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be431d in json_integer (/lib/x86_64-linux-gnu/libjansson.so.4+0x931d)
>     #2 0x7fad73abe8dc in datatype_json src/json.c:975
>     #3 0x7fad73abf15a in constant_expr_json src/json.c:1003
>     #4 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #5 0x7fad73ab84aa in __binop_expr_json src/json.c:552
>     #6 0x7fad73ab8483 in __binop_expr_json src/json.c:550
>     #7 0x7fad73ab8571 in binop_expr_json src/json.c:559
>     #8 0x7fad73aaff68 in expr_print_json src/json.c:53
>     #9 0x7fad73ac1b55 in ct_stmt_json src/json.c:1248
>     #10 0x7fad73ab09a6 in stmt_print_json src/json.c:96
>     #11 0x7fad73ab3410 in rule_print_json src/json.c:248
>     #12 0x7fad73ac7ff8 in table_print_json_full src/json.c:1741
>     #13 0x7fad73ac8537 in do_list_ruleset_json src/json.c:1763
>     #14 0x7fad73acbcc0 in do_command_list_json src/json.c:1986
>     #15 0x7fad73a8e84f in do_command_list src/rule.c:2354
>     #16 0x7fad73a90f1d in do_command src/rule.c:2624
>     #17 0x7fad7399e2f4 in nft_netlink src/libnftables.c:42
>     #18 0x7fad739a488c in nft_run_cmd_from_buffer src/libnftables.c:598
>     #19 0x55c43466d377 in main src/main.c:533
>     #20 0x7fad72a46249 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> 
> Indirect leak of 8 byte(s) in 2 object(s) allocated from:
>     #0 0x7fad744b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
>     #1 0x7fad74be0fb4  (/lib/x86_64-linux-gnu/libjansson.so.4+0x5fb4)
> 
> SUMMARY: AddressSanitizer: 1490 byte(s) leaked in 26 allocation(s).
> <<<<
Phil Sutter April 24, 2024, 8:41 p.m. UTC | #4 
On Wed, Apr 24, 2024 at 10:08:00PM +0200, Pablo Neira Ayuso wrote:
> On Wed, Apr 24, 2024 at 10:06:14PM +0200, Pablo Neira Ayuso wrote:
> > Hi Phil,
> > 
> > On Sat, Mar 09, 2024 at 12:35:20PM +0100, Phil Sutter wrote:
> > > Fix the following flaws in JSON input/output code:
> > > 
> > > * Patch 3:
> > >   Wrong ordering of 'nft -j list ruleset' preventing a following restore
> > >   of the dump. Code assumed dumping objects before chains was fine in
> > >   all cases, when actually verdict maps may reference chains already.
> > >   Dump like nft_cmd_expand() does when expanding nested syntax for
> > >   kernel submission (chains first, objects second, finally rules).
> > > 
> > > * Patch 5:
> > >   Maps may contain concatenated "targets". Both printer and parser were
> > >   entirely ignorant of that fact.
> > > 
> > > * Patch 6:
> > >   Synproxy objects were "mostly" supported, some hooks missing to
> > >   cover for named ones.
> > > 
> > > Patch 4 applies the new ordering to all stored json-nft dumps. Patch 7
> > > adds new dumps which are now parseable given the fixes above.
> > > 
> > > Patches 1 and 2 are fallout fixes to initially make the whole shell
> > > testsuite pass on my testing system.
> > > 
> > > Bugs still present after this series:
> > > 
> > > * Nested chains remain entirely unsupported
> > > * Maps specifying interval "targets" (i.e., set->data->flags contains
> > >   EXPR_F_INTERVAL bit) will be printed like regular ones and the parser
> > >   then rejects them.
> > 
> > I am seeing memleaks when running tests after this series, please see
> > attachment for reference.
> 
> It could actually be related to:
> 
> 0ac39384fd9e json: Accept more than two operands in binary expressions
> 
> I did not bisect yet.

Good catch! I missed the fact that json_array_extend() does not decref
the emptied array. The fix is simple, will submit after the testsuite
has passed.

Thanks, Phil