Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#4105 - fw3 crashes when a device name is too long, leaving device isolated #7064

openwrt-bot opened this issue Oct 23, 2021 · 0 comments
flyspray release/21.02


Copy link

openwrt-bot commented Oct 23, 2021


After connecting to a PPPoE, fw3 crashes and leave the router completely isolated from internet.
It happens with multiple targets. This is from x86/64 in a VM:

Thu Dec 31 23:05:49 2020 user.notice firewall: Reloading firewall due to ifup of xxx (xxx)
Thu Dec 31 23:05:49 2020 kernel: [ 34.632472] fw3[3409]: segfault at 293531f0 ip 0000000000409353 sp 00007ffec12378f0 error 4 in fw3[404000+f000]
Thu Dec 31 23:05:49 2020 kernel: [ 34.632508] Code: 41 00 48 89 c6 e9 48 ff ff ff 48 8b 7c 24 08 48 8d 54 24 40 be e5 36 41 00 e8 2b bb ff ff eb ad 31 db 48 8b 44 24 08 48 ff c3 <48> 8b b8 c8 00 00 00 39 98 c0 00 00 00 7e 0c 48 8b 3c df ff 15 84

If I manually restart the firewall:

* Forward 'vpn' -> 'lan'

  • Zone 'lan'
  • Zone 'wan'
    ! Exception: interface name `pppoe-wanb_pppoe' must be shorter than IFNAMSIZ (15) ! Skipping due to previous exception (code 2)
    Segmentation fault

The issue is only visible using a non-network console as after the firewall is gone, iptables is in a drop-all state.

fw3 should ignore the interface but not crash when this situation happens.
luci should prevent interface names/device names that will extrapolate IFNAMSIZ, specially PPPoE.
netifd should limit the number of extra chars in a device prefix (i.e.: "br-", "3g-") to make luci checks easier.

@aparcar aparcar added the release/21.02 label Feb 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
flyspray release/21.02
None yet

No branches or pull requests

2 participants