Projects
openEuler:24.03:SP1:Everything
nftables
_service:tar_scm:backport-tests-shell-add-regre...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-tests-shell-add-regression-test-for-double-free-crash-bug.patch of Package nftables
From b237aeff41840f0c7968d02ed3d461fa9fa8fb70 Mon Sep 17 00:00:00 2001 From: Florian Westphal <fw@strlen.de> Date: Fri, 8 Mar 2024 20:57:26 +0100 Subject: [PATCH] tests: shell: add regression test for double-free crash bug BUG: KASAN: slab-use-after-free in nf_tables_set_elem_destroy+0x55/0x160 Call Trace: nf_tables_set_elem_destroy+0x55/0x160 nf_tables_set_elem_destroy+0x55/0x160 nft_pipapo_destroy+0x3b4/0x5a0 nft_set_destroy+0x118/0x3a0 nf_tables_trans_destroy_work+0x4f2/0xa80 This is a test case for the bug fiex with kernel commit b0e256f3dd2b ("netfilter: nft_set_pipapo: release elements in clone only from destroy path"). Reported-by: lonial con <kongln9170@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de> --- .../testcases/transactions/concat_range_abort | 28 +++++++++++ .../dumps/concat_range_abort.json-nft | 47 +++++++++++++++++++ .../transactions/dumps/concat_range_abort.nft | 8 ++++ 3 files changed, 83 insertions(+) create mode 100755 tests/shell/testcases/transactions/concat_range_abort create mode 100644 tests/shell/testcases/transactions/dumps/concat_range_abort.json-nft create mode 100644 tests/shell/testcases/transactions/dumps/concat_range_abort.nft diff --git a/tests/shell/testcases/transactions/concat_range_abort b/tests/shell/testcases/transactions/concat_range_abort new file mode 100755 index 00000000..b2bbe37b --- /dev/null +++ b/tests/shell/testcases/transactions/concat_range_abort @@ -0,0 +1,28 @@ +#!/bin/bash + +# NFT_TEST_REQUIRES(NFT_TEST_HAVE_pipapo) + +set -e + +$NFT -f /dev/stdin <<EOF +table ip x { + map m { + typeof ip saddr . meta mark : verdict + flags interval + counter + elements = { + 127.0.0.1-127.0.0.4 . 0x123434-0xb00122 : jump foo, + } + } + + chain foo { + accept + } +} +EOF + +$NFT -f /dev/stdin <<EOF +add chain ip x bar +add element ip x m { 1.2.3.4 . 42 : jump bar } +delete set ip x m +EOF diff --git a/tests/shell/testcases/transactions/dumps/concat_range_abort.json-nft b/tests/shell/testcases/transactions/dumps/concat_range_abort.json-nft new file mode 100644 index 00000000..8db71894 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/concat_range_abort.json-nft @@ -0,0 +1,47 @@ +{ + "nftables": [ + { + "metainfo": { + "version": "VERSION", + "release_name": "RELEASE_NAME", + "json_schema_version": 1 + } + }, + { + "table": { + "family": "ip", + "name": "x", + "handle": 0 + } + }, + { + "chain": { + "family": "ip", + "table": "x", + "name": "foo", + "handle": 0 + } + }, + { + "chain": { + "family": "ip", + "table": "x", + "name": "bar", + "handle": 0 + } + }, + { + "rule": { + "family": "ip", + "table": "x", + "chain": "foo", + "handle": 0, + "expr": [ + { + "accept": null + } + ] + } + } + ] +} diff --git a/tests/shell/testcases/transactions/dumps/concat_range_abort.nft b/tests/shell/testcases/transactions/dumps/concat_range_abort.nft new file mode 100644 index 00000000..06adca7a --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/concat_range_abort.nft @@ -0,0 +1,8 @@ +table ip x { + chain foo { + accept + } + + chain bar { + } +} -- 2.33.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2