2015-12-16 23:38 GMT+01:00 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
> 564b0e7c13f9 ("netlink_delinearize: postprocess expression before range
> merge") crashes nft when the previous statement is removed via
> payload_dependency_kill() as this pointer is not valid anymore.
>
> Move the pointer to the previous statement to rule_pp_ctx and invalidate it
> when required.
>
> Reported-by: "Pablo M. Bermudo Garay" <pablombg@xxxxxxxxx>
> Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> ---
>  src/netlink_delinearize.c | 30 +++++++++++++++++------------
>  1 file changed, 17 insertions(+), 13 deletions(-)

I have run the regression test suite and the problem seems to be fixed
with no side effects.

Tested-by: Pablo M. Bermudo Garay <pablombg@xxxxxxxxx>