parser: segfault in top scope define

nft segfaults if a symbol is added in top_scope, because of a missing
init_list_head.  Trivial example:

    define ip_set = {192.168.1.2, 192.168.2.3}
    add rule filter output ip daddr $ip_set counter

This closes netfilter bugzilla #877.

Reported-by: Anand Raj Manickam <anandrm@gmail.com>
Signed-off-by: Phil Oester <kernel@linuxace.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/parser.y b/src/parser.y
index a49e5c2a9e50fb1e97d0643002e44852c9b4567c..c6f8c9d448f71b44054f01039b5a553368488afa 100644 (file)
--- a/src/parser.y
+++ b/src/parser.y
@@ -32,6 +32,7 @@ void parser_init(struct parser_state *state, struct list_head *msgs)
 {
        memset(state, 0, sizeof(*state));
        init_list_head(&state->cmds);
+       init_list_head(&state->top_scope.symbols);
        state->msgs = msgs;
        state->scopes[0] = scope_init(&state->top_scope, NULL);
 }