Bug#1032642: iproute2: ip tunnel change ip6gre to gre crashes with stack smash
Package: iproute2
Version: 5.10.0-4
Severity: normal
Dear Maintainer,
I just came across a "stack smashing detected" crash when changing a gre6 to a gre4 tunnel
To reproduce create an ipv6 gre tunnel:
> ip tunnel add gre1 mode ip6gre local 2001:db8::1 remote 2001:db8::2 ttl 255
And then attempt to change it to an ipv4 one:
> ip tunnel change gre1 mode gre local 192.168.0.0 remote 192.168.0.1 ttl 255
This results in:
> *** stack smashing detected ***: terminated
> Aborted
The inverse (changing v4 to v6) results in:
> add tunnel "gre1" failed: Invalid argument
Which I'm not sure if I should expect or if that's another issue, but it does not crash.
I've reproduced the crash on a few other bullseye servers/vms to rule out a single broken install.
I have also tested this on testing (iproute2 version 6.1.0-2) and the crash also happens there
I hope this is the right place and helpful enough to action on
Thanks!
-- System Information:
Debian Release: 11.6
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-20-amd64 (SMP w/24 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages iproute2 depends on:
ii debconf [debconf-2.0] 1.5.77
ii libbpf0 1:0.3-2
ii libbsd0 0.11.3-1
ii libc6 2.31-13+deb11u5
ii libcap2 1:2.44-1
ii libcap2-bin 1:2.44-1
ii libdb5.3 5.3.28+dfsg1-0.8
ii libelf1 0.183-1
ii libmnl0 1.0.4-3
ii libselinux1 3.1-3
ii libxtables12 1.8.7-1
Versions of packages iproute2 recommends:
pn libatm1 <none>
Versions of packages iproute2 suggests:
pn iproute2-doc <none>
-- debconf information:
iproute2/setcaps: false
Reply to: