On Mon, Feb 05, 2024 at 05:02:16PM +0000, Eric wrote:
> On Monday, February 5th, 2024 at 01:47, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
>
> > Strange that userspace crashes depending on the kernel version.
> >
> > What is your userspace nft version there?
>
> This is on the current release of OpenWrt so previous release of nft. Same behavior on x86, aarch64 and mips. All other commands from my monkey testing just return silently, only this one fails.
>
> $ uname -a
> Linux rtr00 5.15.137 #0 SMP Tue Nov 14 13:38:11 2023 x86_64 GNU/Linux
>
> $ nft -V
> nftables v1.0.8 (Old Doc Yak #2)
> cli: no
> json: yes
> minigmp: yes
> libxtables: no
>
> $ nft list ct expectation table inet fw4
> Segmentation fault
Fix is already available in v1.0.9:
commit a8ff324dc64fd76f7d218d3d94c5885250951258
Author: Florian Westphal <fw@xxxxxxxxx>
Date: Fri Jul 28 21:04:13 2023 +0200
ct expectation: fix 'list object x' vs. 'list objects in table' confusion
Just like "ct timeout", "ct expectation" is in need of the same fix,
we get segfault on "nft list ct expectation table t", if table t exists.
This is the exact same pattern as resolved for "ct timeout" in commit
1d2e22fc0521 ("ct timeout: fix 'list object x' vs. 'list objects in table' confusion").
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
