diff options
| author | Phil Oester <kernel@linuxace.com> | 2013-11-29 12:30:04 -0800 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-11-30 21:45:42 +0100 |
| commit | ff355ec0f7732d6835f4e339abb1778924771fde (patch) | |
| tree | 2f5f91afc538364e45568c1ea1649b2c84cc1b66 | |
| parent | e0ed4c45d9ad2564ae3ab3f4465466b0130a845c (diff) | |
parser: segfault in top scope define
nft segfaults if a symbol is added in top_scope, because of a missing
init_list_head. Trivial example:
define ip_set = {192.168.1.2, 192.168.2.3}
add rule filter output ip daddr $ip_set counter
This closes netfilter bugzilla #877.
Reported-by: Anand Raj Manickam <anandrm@gmail.com>
Signed-off-by: Phil Oester <kernel@linuxace.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | src/parser.y | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/parser.y b/src/parser.y index a49e5c2a..c6f8c9d4 100644 --- a/src/parser.y +++ b/src/parser.y @@ -32,6 +32,7 @@ void parser_init(struct parser_state *state, struct list_head *msgs) { memset(state, 0, sizeof(*state)); init_list_head(&state->cmds); + init_list_head(&state->top_scope.symbols); state->msgs = msgs; state->scopes[0] = scope_init(&state->top_scope, NULL); } |