Slightly modified debdiff which will only run the tests once. ** Patch removed: "iptables_1.8.7-1ubuntu7.debdiff" https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1992454/+attachment/5623037/+files/iptables_1.8.7-1ubuntu7.debdiff
** Patch removed: "iptables_1.8.7-1ubuntu7.debdiff" https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1992454/+attachment/5622997/+files/iptables_1.8.7-1ubuntu7.debdiff ** Patch added: "iptables_1.8.7-1ubuntu7.debdiff" https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1992454/+attachment/5623422/+files/iptables_1.8.7-1ubuntu7.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1992454 Title: iptables: segfault when renaming a chain Status in iptables package in Ubuntu: In Progress Status in iptables source package in Bionic: In Progress Status in iptables source package in Focal: In Progress Status in iptables source package in Jammy: In Progress Status in iptables source package in Kinetic: In Progress Bug description: This is the description for the upstream fix of this bug[1] : This is an odd bug: If the number of chains is right and one renames the last one in the list, libiptc dereferences a NULL pointer. Commit 97bf4e68fc0794adba3243fd96f40f4568e7216f fixes this bug upstream. This bug is to have the fix included in Ubuntu in order to avoid such segmentation faults. For Jammy and onward, iptables uses the new nft libraries so the problem does not appear unless the -legacy commands are used. The following code (adapted from the upstream commit to work on Kinetic) may be used to reproduce the issue : ----------------------------------------8<-------------------------------- #!/bin/bash # # Cover for a bug in libiptc: # - the chain 'node-98-tmp' is the last in the list sorted by name # - there are 81 chains in total, so three chain index buckets # - the last index bucket contains only the 'node-98-tmp' chain # => rename temporarily removes it from the bucket, leaving a NULL bucket # behind which is dereferenced later when inserting the chain again with new # name again ( echo "*filter" for chain in node-1 node-10 node-101 node-102 node-104 node-107 node-11 node-12 node-13 node-14 node-15 node-16 node-17 node-18 node-19 node-2 node-20 node-21 node-22 node-23 node-25 node-26 node-27 node-28 node-29 node-3 node-30 node-31 node-32 node-33 node-34 node-36 node-37 node-39 node-4 node-40 node-41 node-42 node-43 node-44 node-45 node-46 node-47 node-48 node-49 node-5 node-50 node-51 node-53 node-54 node-55 node-56 node-57 node-58 node-59 node-6 node-60 node-61 node-62 node-63 node-64 node-65 node-66 node-68 node-69 node-7 node-70 node-71 node-74 node-75 node-76 node-8 node-80 node-81 node-86 node-89 node-9 node-92 node-93 node-95 node-98-tmp; do echo ":$chain - [0:0]" done echo "COMMIT" ) | $XT_MULTI iptables-legacy-restore $XT_MULTI iptables-legacy -E node-98-tmp node-98 exit $? ---------------------------------------->8-------------------------------- [1] http://git.netfilter.org/iptables/commit/?id=97bf4e68fc0794adba3243fd96f40f4568e7216f To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1992454/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
