lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1826853.rak2U42CMU@alaris>
Date:	Fri, 17 Aug 2012 19:05:57 +0200
From:	Michal Kubeček <mkubecek@...e.cz>
To:	Cong Wang <amwang@...hat.com>
Cc:	netdev@...r.kernel.org, Herbert Xu <herbert@...dor.hengli.com.au>,
	"David S. Miller" <davem@...emloft.net>,
	Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
	Patrick McHardy <kaber@...sh.net>,
	Shan Wei <shanwei@...fujitsu.com>,
	Pablo Neira Ayuso <pablo@...filter.org>,
	netfilter-devel@...r.kernel.org
Subject: Re: [RFC Patch net-next] ipv6: unify conntrack reassembly expire code with standard one

On Friday 17 of August 2012 16:02EN, Cong Wang wrote:
> Two years ago, Shan Wei tried to fix this:
> http://patchwork.ozlabs.org/patch/43905/
> 
...
>
> As Herbert suggested, we could actually use the standard IPv6
> reassembly code which follows RFC2460.

I tested the patch and I ran into a problem in this place in 
ip6_expire_frag_queue():

>  	net = container_of(fq->q.net, struct net, ipv6.frags);

For frag queues coming from IPv6 conntrack, fq->q.net points to 
nf_init_frags which is not embedded into struct net so that the 
following device lookup leads to reading from an invalid address.
The same problem has been discussed on the page linked above.

I didn't test with current net-next source but as far as I can tell, 
this hasn't changed. Did I miss something?

                                                     Michal Kubecek

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ