Package: iproute2
Version: 4.15.0-3.1
Severity: normal
Tags: patch

Patch found upstream:

When ss is invoked with the no-header flag, if the query doesn't return
any result, render() is called with 'buffer' uninitialized. This
currently leads to a segfault. Ensure that buffer is initialized before

The bug can be triggered with: ss -H sport = 100000

Signed-off-by: Jean-Philippe Brucker <jphilippe.brucker@xxxxxxxxx>
 misc/ss.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/misc/ss.c b/misc/ss.c
index e047f9c0..e087bef7 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -1197,10 +1197,15 @@ newline:
 /* Render buffered output with spacing and delimiters, then free up buffers */
 static void render(int screen_width)
-       struct buf_token *token = (struct buf_token *)buffer.head->data;
+       struct buf_token *token;
        int printed, line_started = 0;
        struct column *f;

+       if (!buffer.head)
+               return;
+       token = (struct buf_token *)buffer.head->data;
        /* Ensure end alignment of last token, it wasn't necessarily flushed */
        buffer.tail->end += buffer.cur->len % 2;


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.15-1-pve (SMP w/8 CPU cores)
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_AT:de (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages iproute2 depends on:
ii  libc6        2.27-3
ii  libdb5.3     5.3.28-13.1+b1
ii  libelf1      0.170-0.4
ii  libmnl0      1.0.4-2
ii  libselinux1  2.7-2+b2

Versions of packages iproute2 recommends:
ii  libatm1       1:2.5.1-2
ii  libxtables12  1.6.2-1

Versions of packages iproute2 suggests:
pn  iproute2-doc  <none>

-- no debconf information

Reply via email to