[pkg-netfilter-team] Bug#946996: wireguard-tools: 'wg-quick down' segfaults
Celejar
celejar at gmail.com
Wed Jan 22 03:18:45 GMT 2020
On Tue, 21 Jan 2020 10:36:25 -0500
Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> Control: reassign 946996 iptables
> Control: affects 946996 + wireguard-tools
>
> Hi Celejar--
>
> On Thu 2019-12-19 00:00:39 -0500, Celejar wrote:
> > Package: wireguard-tools
> > Version: 0.0.20191212-1
> > Severity: normal
> >
> > I use wireguard to establish a very simple point-to-point VPN. 'wg-quick
> > up wgo' works fine; 'wg-quick down wg0' also seems to work correctly,
> > but it segfaults after doing (AFAICT) everything that it's supposed to
> > do. Everything seems to be working fine, though, both before and afterward.
...
> Thanks for this report. It looks to me like this is a segfault in
> iptables-restore, not in wg-quick, so i'm reassigning the bug report to
> the iptables package, which shouldn't segfault, no matter what input it
> receives. (maybe this is due to sending it empty lines?
>
> In the meantime, i believe that more recent versions of wireguard-tools
> do not send empty lines to iptables-restore. Can you verify that this
> doesn't happen for you with a more recent version?
Sorry, I'm still getting it:
~# apt-cache policy wireguard-tools
wireguard-tools:
Installed: 1.0.20200102-1
Candidate: 1.0.20200102-1
Version table:
*** 1.0.20200102-1 500
500 http://deb.debian.org/debian sid/main amd64 Packages
100 /var/lib/dpkg/status
~# ifdown wg0
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
[#] ip link delete dev wg0
[#] resolvconf -d tun.wg0 -f
[#] iptables-restore -n
/usr/bin/wg-quick: line 29: 186243 Segmentation fault "$@"
...
> Thanks for reporting this,
Thank you for all your Debian, technology, and privacy work!
Celejar
More information about the pkg-netfilter-team
mailing list