diff options
author | Florian Westphal <fw@strlen.de> | 2021-06-30 17:45:18 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2021-06-30 17:56:16 +0200 |
commit | 6d225d296ec48adefdbd3d003598a5d3c4ee22ff (patch) | |
tree | 386ed40a964e33ed4d8b78090c45982dcef4e821 /tests/shell | |
parent | 5fff08b0c940cdd1194b40c602980e73688f7be6 (diff) |
netlink_delinarize: don't check for set element if set is not populated
0065_icmp_postprocessing: line 13: Segmentation fault $NFT insert rule ip x foo index 1 accept
Since no listing is done, cache isn't populated and 'nft insert' will trip over
set->init == NULL during postprocessing of the existing 'icmp id 42' expression.
Fixes: 9a5574e2d4e9 ("netlink_delinearize: add missing icmp id/sequence support")
Reported-by: Eric Garver <eric@garver.life>
Reported-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/testcases/sets/0065_icmp_postprocessing | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/tests/shell/testcases/sets/0065_icmp_postprocessing b/tests/shell/testcases/sets/0065_icmp_postprocessing new file mode 100755 index 00000000..f838c3ef --- /dev/null +++ b/tests/shell/testcases/sets/0065_icmp_postprocessing @@ -0,0 +1,13 @@ +#!/bin/bash + +set -e + +RULESET="table ip x { + chain foo { + icmp id 42 + } +}" + +$NFT -f - <<< $RULESET + +$NFT insert rule ip x foo index 0 accept |