| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAM_iQpVr-i7Gz3sqA8Eb-S0k6eon3ejPWCHxC0+Jyp-YwqtCkA@mail.gmail.com>
Date: Mon, 4 Dec 2017 14:34:27 -0800
From: Cong Wang <xiyou.wangcong@...il.com>
To: Jon Maloy <jon.maloy@...csson.com>
Cc: David Miller <davem@...emloft.net>,
Linux Kernel Network Developers <netdev@...r.kernel.org>,
"tipc-discussion@...ts.sourceforge.net"
<tipc-discussion@...ts.sourceforge.net>,
Ying Xue <ying.xue@...driver.com>
Subject: Re: [Patch net v2] tipc: fix a null pointer deref on error path
On Mon, Dec 4, 2017 at 12:32 PM, Jon Maloy <jon.maloy@...csson.com> wrote:
>
>> You are right. The right solution is to just call conn_put() twice here.
>> I already have a patch ready for this, but it is part of a series that needs more
>> review.
>> I should probably post it separately...
>
> Well, calling conn_put() twice was ok in my series, but in the current upstream version it is not enough.
> I will find a different short term solution.
>
IMHO, for tipc_topsrv_kern_subscr() my v2 patch is more
correct, and for tipc_accept_from_sock(), v1 is needed too.
Of course v1 could fix both, but still v2 is better than v1 if
we only consider tipc_topsrv_kern_subscr() case. So this
depends if we want to consider these 2 paths as 2 cases
or 1 case. _I think_ it is better to consider them separately
since we already v2 is best fix for tipc_topsrv_kern_subscr(),
while still not sure what is the best for tipc_accept_from_sock().
Powered by blists - more mailing lists