The issue I would like to bring to your attention is as follows: We are using the JSON feature in the PACKAGECONFIG of ulogd, and we have discovered that both ulogd and jansson have methods with the same name, which can lead to a symbol reference error resulting in a segmentation fault. The method in question is hashtable_del(). Based on our backtrace analysis, it appears that when ulogd's hashtable_del() is executed instead of jansson's hashtable_del(), it leads to a segmentation fault (SEGV). To avoid this symbol collision, I modified ulogd's hashtable_del() to hashtable_delete(), and I have confirmed that this resolves the issue. For your reference, 1. Our backtrace analysis (gdb) bt #0 0x000000558ed47730 in __llist_del (next=0x3433326335357830, prev=0x30623663) at /usr/src/debug/ulogd2/2.0.8+git/include/ulogd/linuxlist.h:107 #1 llist_del (entry=0x7fc5c38460) at /usr/src/debug/ulogd2/2.0.8+git/include/ulogd/linuxlist.h:119 #2 hashtable_del (table=table@entry=0x7fc5c38530, n=n@entry=0x7fc5c38460) at /usr/src/debug/ulogd2/2.0.8+git/src/hash.c:96 #3 0x0000007f95234600 in do_dump (json=0x55c234c6b0, flags=0, depth=0, parents=0x7fc5c38530, dump=0x7f95233ad0 <dump_to_strbuffer>, data=0x7fc5c385b0) at /usr/src/debug/jansson/2.14/src/dump.c:416 #4 0x0000007f952348e4 in json_dump_callback (json=json@entry=0x55c234c6b0, callback=callback@entry=0x7f95233ad0 <dump_to_strbuffer>, data=data@entry=0x7fc5c385b0, flags=flags@entry=0) at /usr/src/debug/jansson/2.14/src/dump.c:486 #5 0x0000007f952349a0 in json_dumps (json=json@entry=0x55c234c6b0, flags=flags@entry=0) at /usr/src/debug/jansson/2.14/src/dump.c:433 #6 0x0000007f95271934 in json_interp (upi=0x55c2358690) at /usr/src/debug/ulogd2/2.0.8+git/output/ulogd_output_JSON.c:399 I think this hashtable_del() should be https://github.com/akheron/jansson/blob/v2.14/src/hashtable.c#L275 ( jansson's hashtable_del ) But #2 says that the hashtable_del() is ulogd2's one. https://github.com/inliniac/ulogd2/blob/master/src/hash.c#L94 ( ulogd's hashtable_del ) 2. I have included the patch details below: --- include/ulogd/hash.h | 2 +- input/flow/ulogd_inpflow_NFCT.c | 4 ++-- src/hash.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/ulogd/hash.h b/include/ulogd/hash.h index d4aedb8..4b4874b 100644 --- a/include/ulogd/hash.h +++ b/include/ulogd/hash.h @@ -34,7 +34,7 @@ void hashtable_destroy(struct hashtable *h); int hashtable_hash(const struct hashtable *table, const void *data); struct hashtable_node *hashtable_find(const struct hashtable *table, const void *data, int id); int hashtable_add(struct hashtable *table, struct hashtable_node *n, int id); -void hashtable_del(struct hashtable *table, struct hashtable_node *node); +void hashtable_delete(struct hashtable *table, struct hashtable_node *node); int hashtable_flush(struct hashtable *table); int hashtable_iterate(struct hashtable *table, void *data, int (*iterate)(void *data, void *n)); diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c index 899b7e3..38baf05 100644 --- a/input/flow/ulogd_inpflow_NFCT.c +++ b/input/flow/ulogd_inpflow_NFCT.c @@ -702,7 +702,7 @@ event_handler_hashtable(enum nf_conntrack_msg_type type, if (ts) { set_timestamp_from_ct(ts, ct, STOP); do_propagate_ct(upi, ct, type, ts); - hashtable_del(cpi->ct_active, &ts->hashnode); + hashtable_delete(cpi->ct_active, &ts->hashnode); nfct_destroy(ts->ct); free(ts); } else { @@ -886,7 +886,7 @@ static int do_purge(void *data1, void *data2) ret = nfct_query(cpi->pgh, NFCT_Q_GET, ts->ct); if (ret == -1 && errno == ENOENT) { do_propagate_ct(upi, ts->ct, NFCT_T_DESTROY, ts); - hashtable_del(cpi->ct_active, &ts->hashnode); + hashtable_delete(cpi->ct_active, &ts->hashnode); nfct_destroy(ts->ct); free(ts); } diff --git a/src/hash.c b/src/hash.c index 1d99130..8fd98a1 100644 --- a/src/hash.c +++ b/src/hash.c @@ -91,7 +91,7 @@ int hashtable_add(struct hashtable *table, struct hashtable_node *n, int id) return 0; } -void hashtable_del(struct hashtable *table, struct hashtable_node *n) +void hashtable_delete(struct hashtable *table, struct hashtable_node *n) { llist_del(&n->head); table->count--;
