Bug 175918

Summary: iptables crashes when iptables -A INPUT -i eth0 -p tcp -m multiport --dport 80,443 -m multiport --sport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
Product: [Fedora] Fedora Reporter: giulix <giulio.martinat>
Component: iptablesAssignee: Steve Conklin <sconklin>
Status: CLOSED CURRENTRELEASE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 4   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: 2.6.21-1.3228.fc7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-07-14 09:27:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description giulix 2005-12-16 09:38:27 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20051111 Firefox/1.5

Description of problem:
Simply entering the rule:
iptables -A INPUT -i eth0 -p tcp -m multiport --dport 80,443 -m multiport --sport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
crashes iptables.


Version-Release number of selected component (if applicable):
iptables-1.3.0-2.rpm

How reproducible:
Always

Steps to Reproduce:
1.Open a terminal session as root
2.Type the command
3.Press <Return>
  

Actual Results:  *** glibc detected *** iptables: double free or corruption (!prev): 0x08aea230 ***
======= Backtrace: =========
/lib/libc.so.6[0x352124]
/lib/libc.so.6(__libc_free+0x77)[0x35265f]
iptables(clear_rule_matches+0x26)[0x804a929]
iptables(do_command+0x1293)[0x804d76f]
iptables(main+0x69)[0x8049bcd]
/lib/libc.so.6(__libc_start_main+0xdf)[0x303d5f]
iptables[0x8049ae1]
======= Memory map: ========
00111000-00112000 r-xp 00000000 03:07 1856063    /lib/iptables/libipt_standard.so
00112000-00113000 rwxp 00000000 03:07 1856063    /lib/iptables/libipt_standard.so
002d1000-002eb000 r-xp 00000000 03:07 1822655    /lib/ld-2.3.5.so
002eb000-002ec000 r-xp 00019000 03:07 1822655    /lib/ld-2.3.5.so
002ec000-002ed000 rwxp 0001a000 03:07 1822655    /lib/ld-2.3.5.so
002ef000-00412000 r-xp 00000000 03:07 1822691    /lib/libc-2.3.5.so
00412000-00414000 r-xp 00123000 03:07 1822691    /lib/libc-2.3.5.so
00414000-00416000 rwxp 00125000 03:07 1822691    /lib/libc-2.3.5.so
00416000-00418000 rwxp 00416000 00:00 0
00441000-00443000 r-xp 00000000 03:07 1822694    /lib/libdl-2.3.5.so
00443000-00444000 r-xp 00001000 03:07 1822694    /lib/libdl-2.3.5.so
00444000-00445000 rwxp 00002000 03:07 1822694    /lib/libdl-2.3.5.so
007b2000-007b3000 r-xp 007b2000 00:00 0          [vdso]
0084e000-00850000 r-xp 00000000 03:07 1856055    /lib/iptables/libipt_multiport.so
00850000-00851000 rwxp 00001000 03:07 1856055    /lib/iptables/libipt_multiport.so
009b6000-009bf000 r-xp 00000000 03:07 1822516    /lib/libnss_files-2.3.5.so
009bf000-009c0000 r-xp 00008000 03:07 1822516    /lib/libnss_files-2.3.5.so
009c0000-009c1000 rwxp 00009000 03:07 1822516    /lib/libnss_files-2.3.5.so
00c4f000-00c50000 r-xp 00000000 03:07 1856064    /lib/iptables/libipt_state.so
00c50000-00c51000 rwxp 00000000 03:07 1856064    /lib/iptables/libipt_state.so
00d4f000-00d51000 r-xp 00000000 03:07 1856065    /lib/iptables/libipt_tcp.so
00d51000-00d52000 rwxp 00001000 03:07 1856065    /lib/iptables/libipt_tcp.so
00d95000-00d9e000 r-xp 00000000 03:07 1822697    /lib/libgcc_s-4.0.2-20051126.so.1
00d9e000-00d9f000 rwxp 00009000 03:07 1822697    /lib/libgcc_s-4.0.2-20051126.so.1
08048000-08053000 r-xp 00000000 03:07 585998     /sbin/iptables
08053000-08054000 rw-p 0000a000 03:07 585998     /sbin/iptables
08ae9000-08b0a000 rw-p 08ae9000 00:00 0          [heap]
b7e00000-b7e21000 rw-p b7e00000 00:00 0
b7e21000-b7f00000 ---p b7e21000 00:00 0
b7f58000-b7f5a000 rw-p b7f58000 00:00 0
bfd57000-bfd6c000 rw-p bfd57000 00:00 0          [stack]
Abort

Expected Results:  New  rule  added

Additional info:

Posted on fedoraforum.org by lazariuk on 12/15/2005 7:33 AM PST
http://www.fedoraforum.org/forum/showthread.php?t=88513
don't blame me.... I'm just a messenger
Comment 1 giulix 2005-12-16 09:45:02 UTC 
Kernel is 2.6.14-1.1644_FC4
Comment 2 Christian Iseli 2007-01-20 00:09:07 UTC 
This report targets the FC3 or FC4 products, which have now been EOL'd.

Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?

Thanks.
Comment 3 giulix 2007-07-14 09:27:03 UTC 
Tested on Fedora 7. The problem does not occur anymore.