| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Jun 2017 15:35:50 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: serhe.popovych@...il.com
Cc: netdev@...r.kernel.org
Subject: Re: ipv6: Do not leak throw route references
From: Serhey Popovych <serhe.popovych@...il.com>
Date: Tue, 20 Jun 2017 13:29:25 +0300
> While commit 73ba57bfae4a ("ipv6: fix backtracking for throw routes")
> does good job on error propagation to the fib_rules_lookup()
> in fib rules core framework that also corrects throw routes
> handling, it does not solve route reference leakage problem
> happened when we return -EAGAIN to the fib_rules_lookup()
> and leave routing table entry referenced in arg->result.
>
> If rule with matched throw route isn't last matched in the
> list we overwrite arg->result losing reference on throw
> route stored previously forever.
>
> We also partially revert commit ab997ad40839 ("ipv6: fix the
> incorrect return value of throw route") since we never return
> routing table entry with dst.error == -EAGAIN when
> CONFIG_IPV6_MULTIPLE_TABLES is on. Also there is no point
> to check for RTF_REJECT flag since it is always set throw
> route.
>
> Fixes: 73ba57bfae4a ("ipv6: fix backtracking for throw routes")
> Signed-off-by: Serhey Popovych <serhe.popovych@...il.com>
> ---
> v2: Rebased to kernel/git/davem/net.git repository
> Address several scripts/checkpatch.pl issues.
Applied and queue up for -stable, thanks.
Powered by blists - more mailing lists