master

分支 (25)

标签 (33)

管理

管理

master

openEuler-24.03-LTS

openEuler-22.03-LTS-SP4

openEuler-22.03-LTS-SP1

openEuler-24.03-LTS-SP1

openEuler-24.03-LTS-Next

openEuler-22.03-LTS-SP3

openEuler-24.09

openEuler-22.03-LTS-SP2

openEuler-22.03-LTS

openEuler-22.03-LTS-Next

openEuler-20.03-LTS-SP4

openEuler-23.03

openEuler-23.09

openEuler-20.03-LTS-SP3

openEuler-20.03-LTS-SP1

openEuler-22.09

openEuler-21.03

openEuler-21.09

openEuler-20.03-LTS

openEuler-24.03-LTS-SP1-release

openEuler-22.03-LTS-SP4-update-20241220

openEuler-22.03-LTS-SP3-update-20241220

openEuler-22.03-LTS-SP1-update-20241220

openEuler-24.03-LTS-update-20241213

openEuler-22.03-LTS-SP4-update-20241213

openEuler-22.03-LTS-SP3-update-20241213

openEuler-22.03-LTS-SP1-update-20241213

openEuler-22.03-LTS-SP4-update-before-20241025

openEuler-22.03-LTS-SP1-update-20241025

openEuler-22.03-LTS-SP3-update-20241025

openEuler-22.03-LTS-SP4-update-20241025

openEuler-24.03-LTS-update-20241025

openEuler-22.03-LTS-SP4-release

openEuler-24.09-release

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

nftables
/
backport-datatype-initialize-TYPE_CT_...

From 1b235f9962a059a599d9a9ecce477ed71e328e89 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 19 Sep 2023 18:09:31 +0200
Subject: [PATCH] datatype: initialize TYPE_CT_LABEL slot in datatype array

Otherwise, ct label with concatenations such as:

 table ip x {
        chain y {
                ct label . ct mark  { 0x1 . 0x1 }
        }
 }

crashes:

../include/datatype.h:196:11: runtime error: member access within null pointer of type 'const struct datatype'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==640948==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fc970d3199b bp 0x7fffd1f20560 sp 0x7fffd1f20540 T0)
==640948==The signal is caused by a READ memory access.
==640948==Hint: address points to the zero page.
sudo     #0 0x7fc970d3199b in datatype_equal ../include/datatype.h:196

Fixes: 2fcce8b0677b ("ct: connlabel matching support")
Reported-by: Thomas Haller <thaller@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/ct.h   | 1 +
 src/ct.c       | 2 +-
 src/datatype.c | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/ct.h b/include/ct.h
index efb2d418..aa0504c5 100644
--- a/include/ct.h
+++ b/include/ct.h
@@ -39,5 +39,6 @@ extern const char *ct_label2str(const struct symbol_table *tbl,
 extern const struct datatype ct_dir_type;
 extern const struct datatype ct_state_type;
 extern const struct datatype ct_status_type;
+extern const struct datatype ct_label_type;

 #endif /* NFTABLES_CT_H */
diff --git a/src/ct.c b/src/ct.c
index 6760b085..d7dec255 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -217,7 +217,7 @@ static struct error_record *ct_label_type_parse(struct parse_ctx *ctx,
 	return NULL;
 }

-static const struct datatype ct_label_type = {
+const struct datatype ct_label_type = {
 	.type		= TYPE_CT_LABEL,
 	.name		= "ct_label",
 	.desc		= "conntrack label",
diff --git a/src/datatype.c b/src/datatype.c
index 70c84846..ee0e9701 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -65,6 +65,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
 	[TYPE_CT_DIR]		= &ct_dir_type,
 	[TYPE_CT_STATUS]	= &ct_status_type,
 	[TYPE_ICMP6_TYPE]	= &icmp6_type_type,
+	[TYPE_CT_LABEL]		= &ct_label_type,
 	[TYPE_PKTTYPE]		= &pkttype_type,
 	[TYPE_ICMP_CODE]	= &icmp_code_type,
 	[TYPE_ICMPV6_CODE]	= &icmpv6_code_type,
--
2.33.0