Date:	Fri, 10 Dec 2010 16:55:10 +0100
From:	Jarek Poplawski <jarkao2@...il.com>
To:	Andrej Ota <andrej@....si>
Cc:	Paweł Staszewski <pstaszewski@...are.pl>,
	Andrew Morton <akpm@...ux-foundation.org>,
	netdev@...r.kernel.org, Paul Mackerras <paulus@...ba.org>,
	bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org, pstaszewski@...com.pl,
	Eric Dumazet <eric.dumazet@...il.com>,
	David Miller <davem@...emloft.net>
Subject: Re: [PATCH] [Bug 24472] Kernel panic - not syncing: Fatal Exception

On Fri, Dec 10, 2010 at 03:49:08PM +0100, Andrej Ota wrote:
> Move kfree_skb which was causing memory corruption to new location, while still keeping appropriate return value for function __pppoe_xmit. Prevents memory corruption and consequent kernel panic when PPPoE peer terminates the link.

Andrej, a slight misunderstanding - probably I should be more explicit.
I sent this link, which explains why return shouldn't be zero:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=db7bf6d97c6956b7eb0f22131cb5c37bd41f33c0
So the simplest fix is to revert this one change only.
If you disagree with this let me know.

You should also fix the subject to something more meaningful, e.g.:
[PATCH] pppoe: Fix kernel panic caused by __pppoe_xmit

Please break lines in the changelog around 70 lines and add that it
fixes commit 55c95e738da85373965cb03b4f975d0fd559865b.

Thanks,
Jarek P.

> 
> Signed-off-by: Andrej Ota [andrej@....si]
> Reported-by: Pawel Staszewski [pstaszewski@...com.pl]
> ---
>  drivers/net/pppoe.c |    5 +++--
>  1 files changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/net/pppoe.c b/drivers/net/pppoe.c
> index d72fb05..1a21dce 100644
> --- a/drivers/net/pppoe.c
> +++ b/drivers/net/pppoe.c
> @@ -924,8 +924,10 @@ static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb)
>  	/* Copy the data if there is no space for the header or if it's
>  	 * read-only.
>  	 */
> -	if (skb_cow_head(skb, sizeof(*ph) + dev->hard_header_len))
> +	if (skb_cow_head(skb, sizeof(*ph) + dev->hard_header_len)) {
> +		kfree_skb(skb);
>  		goto abort;
> +	}
> 
>  	__skb_push(skb, sizeof(*ph));
>  	skb_reset_network_header(skb);
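Review bot: In the skb_cow_head() failure branch the skb is now freed with kfree_skb(skb) and control still reaches `return 0` through abort, so the function frees the buffer while reporting the zero result that the reply above says should not be returned. If a zero return leaves the caller holding the skb, the caller can use or free it again after this kfree_skb. Either return non-zero on this path after freeing or do not free here, and state in the changelog which side owns the skb for each return value.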
> @@ -947,7 +949,6 @@ static int __pppoe_xmit(struct sock *sk, struct sk_buff *skb)
>  	return 1;
> 
>  abort:
> -	kfree_skb(skb);
>  	return 0;
>  }
> 
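Review bot: With kfree_skb(skb) dropped from the abort label, any other `goto abort` in __pppoe_xmit outside these hunks now returns 0 without freeing, so the patch changes skb ownership on paths it does not show. Please check each remaining jump to abort and say in the changelog whether the caller is expected to free the skb on a 0 return; a short comment above `abort:` recording that rule would help. The alternative raised in the reply, keeping the kfree_skb at abort and changing only the return value, is the smaller change.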
> ---
> 
> Andrej Ota.