| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130804144215.640c9336@nehalam.linuxnetplumber.net> Date: Sun, 4 Aug 2013 14:42:15 -0700 From: Stephen Hemminger <stephen@...workplumber.org> To: Pravin B Shelar <pshelar@...ira.com> Cc: netdev@...r.kernel.org Subject: Re: [PATCH net-next v6 1/8] vxlan: Restructure vxlan socket apis. On Thu, 1 Aug 2013 11:44:40 -0700 Pravin B Shelar <pshelar@...ira.com> wrote: > @@ -1642,59 +1651,56 @@ static struct vxlan_sock *vxlan_socket_create(struct net *net, __be16 port) > &vxlan_addr.sin_addr, ntohs(vxlan_addr.sin_port), rc); > sk_release_kernel(sk); > kfree(vs); > - return ERR_PTR(rc); > + return; > } > + atomic_set(&vs->refcnt, 0); > > /* Disable multicast loopback */ > inet_sk(sk)->mc_loop = 0; > + spin_lock(&vn->sock_lock); > + hlist_add_head_rcu(&vs->hlist, vs_head(net, port)); > + spin_unlock(&vn->sock_lock); Overall I am fine with this set, except for this. The change causes a socket to be put into the hash list with a ref count of 0 and then you increment the ref count. If some other thread finds the socket and then decrements the ref count, it would go below zero and might leak, crash or delete it prematurely. This concerns me. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists