On Tue, Feb 25, 2025 at 09:33:57PM +0100, Florian Westphal wrote:
> if (dep->left->payload.base != PROTO_BASE_TRANSPORT_HDR)
>
> is legal only after checking that ->left points to an
> EXPR_PAYLOAD expression. The dependency store can also contain
> EXPR_META, in this case we access a bogus part of the union.
>
> The payload_may_dependency_kill_icmp helper can't handle a META
> dep either, so return early.
Fixes: 533565244d88 ("payload: check icmp dependency before removing previous icmp expression")
> Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
Reviewed-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Thanks.
