Re: [PATCH nft 3/3] src: evaluate: return immediately if no op was requested

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Sun, Jul 21, 2019 at 02:14:07AM +0200, Florian Westphal wrote:
> > This makes nft behave like 0.9.0 -- the ruleset
> > 
> > flush ruleset
> > table inet filter {
> > }
> > table inet filter {
> >       chain test {
> >         counter
> >     }
> > }
> > 
> > loads again without generating an error message.
> > I've added a test case for this, without this it will create an error,
> > and with a checkout of the 'fixes' tag we get crash.
> > 
> > Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1351
> > Fixes: e5382c0d08e3c ("src: Support intra-transaction rule references")
> 
> This one is causing the cache corruption, right?

There is no cache corruption.  This patch makes us enter a code
path that we did not take before.




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux