From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nft 0/3] src: make set-merging less zealous
Date: Wed, 13 Dec 2023 18:06:42 +0100 [thread overview]
Message-ID: <20231213170650.13451-1-fw@strlen.de> (raw)
I got a large corpus of various crashes in the set internals code
tripping over expressions that should not exist, e.g. a range expression
with a symbolic expression.
From initial investigation it looks like to root cause is the same,
we have back-to-back declarations of the same set name, evaluation
is returning errors, but we instist to continue evaluation.
Then, we try to merge set elements and end up merging
such a 'redefined set' with an erroneous one.
This series adds an initial assertion which helped to make
crashes easier to backtrace.
Second patch adds a 'errors' flag to struct set and raises
it once we saw soemthing funky.
Patch 3 also sets/uses this when evaluating the set itself.
Alternative would be to make the lowlevel code more robust
of these kinds of issues, but that might take a while
to fix, also because this oce is partially not able to
indicate errors.
Florian Westphal (3):
intervals: BUG on prefix expressions without value
src: do not merge a set with a erroneous one
evaluate: don't assert if set->data is NULL
include/rule.h | 2 ++
src/evaluate.c | 17 +++++++++++++++--
src/intervals.c | 5 ++++-
.../nft-f/expr_evaluate_mapping_no_data_assert | 4 ++++
.../bogons/nft-f/invalid_range_expr_type_binop | 12 ++++++++++++
5 files changed, 37 insertions(+), 3 deletions(-)
create mode 100644 tests/shell/testcases/bogons/nft-f/expr_evaluate_mapping_no_data_assert
create mode 100644 tests/shell/testcases/bogons/nft-f/invalid_range_expr_type_binop
--
2.41.0
next reply other threads:[~2023-12-13 17:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-13 17:06 Florian Westphal [this message]
2023-12-13 17:06 ` [PATCH nft 1/3] intervals: BUG on prefix expressions without value Florian Westphal
2023-12-13 17:06 ` [PATCH nft 2/3] src: do not merge a set with a erroneous one Florian Westphal
2023-12-13 17:06 ` [PATCH nft 3/3] evaluate: don't assert if set->data is NULL Florian Westphal
2023-12-16 10:11 ` [PATCH nft 0/3] src: make set-merging less zealous Florian Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231213170650.13451-1-fw@strlen.de \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.