| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20161010.203019.388602181022157591.davem@davemloft.net>
Date: Mon, 10 Oct 2016 20:30:19 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: torvalds@...ux-foundation.org
Cc: aconole@...hat.com, fw@...len.de, viro@...iv.linux.org.uk,
akpm@...ux-foundation.org, axboe@...com, tytso@....edu,
cl@...ux.com, pablo@...filter.org, linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org, netdev@...r.kernel.org,
netfilter-devel@...r.kernel.org
Subject: Re: slab corruption with current -git
From: Linus Torvalds <torvalds@...ux-foundation.org>
Date: Mon, 10 Oct 2016 12:05:17 -0700
> David - I think that also explains what was wrong with the old code.
> In the old code, this loop:
>
> while (hooks_entry && nf_entry_dereference(hooks_entry->next)) {
>
> would exit with "hooks_entry" pointing to the last list entry (because
> ->next was NULL). Nothing was ever unlinked in the loop itself,
> because it never actually found a matching entry, but then after the
> loop it would free that last entry because it *thought* that was the
> match.
It only does this when the ops don't match, but yes it can happen.
Linus can you add some extra info to that:
WARN(1, "nf_unregister_net_hook: hook not found!\n");
diagnostic, such as the reg->pf and reg->hooknum values?
That might help track down why this is happening in the first
place.
Powered by blists - more mailing lists