| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 May 2016 09:51:24 -0700 From: Alexander Duyck <alexander.duyck@...il.com> To: Eric Dumazet <eric.dumazet@...il.com> Cc: Alexander Duyck <aduyck@...antis.com>, Netdev <netdev@...r.kernel.org>, David Miller <davem@...emloft.net>, Tom Herbert <tom@...bertland.com> Subject: Re: [net-next PATCH] udp: Resolve NULL pointer dereference On Wed, May 11, 2016 at 8:43 PM, Eric Dumazet <eric.dumazet@...il.com> wrote: > On Wed, 2016-05-11 at 19:24 -0700, Alexander Duyck wrote: >> While testing an OpenStack configuration using VXLANs I saw the following >> call trace: > >> >> I believe the trace is pointing to the call to dev_net(dev) in >> udp4_lib_lookup_skb. If I am not mistaken I believe it is possible for us >> to have skb_dst(skb)->dev be NULL. So to resolve that I am adding a check >> for this case and skipping the assignment if such an event occurs. > > skb_dst(skb)->dev can be NULL ??? That is what appears to be happening. Though I can do some more research into this. > Why only UDP ipv4 would need a fix, and not ipv6 ? Yeah, I should probably fix IPv6 as well if there is an issue. > Looks the bug is somewhere else maybe ? I was thinking about it last night and I am not certain we should even see skb_dst(skb) set as Cong mentioned. I'm wondering if I should update the code to just use skb->dev because these functions are currently only used in the GRO path anyway so it isn't as if skb_dst should be populated. - Alex
Powered by blists - more mailing lists