Package: nftables Version: 0.9.1-2 Severity: normal While studying RFC 4890 I ran into parsing problems. I have narrowed it down to the ruleset below.
Note the typo ("174" should be "147") results in overlapping intervals with conflicting verdicts. I think this should result in an error rather than a segfault. #!/usr/sbin/nft --file delete chain inet x y table inet x { chain y { icmpv6 type vmap { 144 - 174 : accept, 154 - 199 : drop, } } } PID: 8941 (nft) UID: 0 (root) GID: 0 (root) Signal: 11 (SEGV) Timestamp: Wed 2019-07-24 14:37:13 AEST (45s ago) Command Line: nft --file tmp.nft Executable: /usr/sbin/nft Control Group: /user.slice/user-0.slice/session-25.scope Unit: session-25.scope Slice: user-0.slice Session: 25 Owner UID: 0 (root) Boot ID: d7a30c4dec804cd08fbd79e513dfbc16 Machine ID: ee3c68006daf4086b06772170d63f3f6 Hostname: not-omega Storage: /var/lib/systemd/coredump/core.nft.0.d7a30c4dec804cd08fbd79e513dfbc16.8941.1563943033000000.lz4 Message: Process 8941 (nft) of user 0 dumped core. Stack trace of thread 8941: #0 0x00007f1d5d9fb39b set_to_intervals (libnftables.so.1) #1 0x00007f1d5d9dcd2f n/a (libnftables.so.1) #2 0x00007f1d5d9df2c7 do_command (libnftables.so.1) #3 0x00007f1d5da02320 n/a (libnftables.so.1) #4 0x00007f1d5da02cdc nft_run_cmd_from_filename (libnftables.so.1) #5 0x00005637f2eaa5f0 main (nft) #6 0x00007f1d5d73809b __libc_start_main (libc.so.6) #7 0x00005637f2eaa68a _start (nft) -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (990, 'stable'), (500, 'proposed-updates'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled