| Message ID | 20150312214623.1133.48565.stgit@ahduyck-vm-fedora20 |
|---|---|
| State | Accepted, archived |
| Delegated to: | David Miller |
| Headers | show |
I verified it. Looking good. Thanks a lot ! On Thu, Mar 12, 2015 at 2:46 PM, Alexander Duyck <alexander.h.duyck@redhat.com> wrote: > The function fib_unmerge assumed the local table had already been > allocated. If that is not the case however when custom rules are applied > then this can result in a NULL pointer dereference. > > In order to prevent this we must check the value of the local table pointer > and if it is NULL simply return 0 as there is no local table to separate > from the main. > > Fixes: 0ddcf43d5 ("ipv4: FIB Local/MAIN table collapse") > Reported-by: Madhu Challa <challa@noironetworks.com> > Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com> > --- > net/ipv4/fib_frontend.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c > index c1caf9d..e5b6b05 100644 > --- a/net/ipv4/fib_frontend.c > +++ b/net/ipv4/fib_frontend.c > @@ -156,9 +156,12 @@ int fib_unmerge(struct net *net) > { > struct fib_table *old, *new; > > + /* attempt to fetch local table if it has been allocated */ > old = fib_get_table(net, RT_TABLE_LOCAL); > - new = fib_trie_unmerge(old); > + if (!old) > + return 0; > > + new = fib_trie_unmerge(old); > if (!new) > return -ENOMEM; > > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index c1caf9d..e5b6b05 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -156,9 +156,12 @@ int fib_unmerge(struct net *net) { struct fib_table *old, *new; + /* attempt to fetch local table if it has been allocated */ old = fib_get_table(net, RT_TABLE_LOCAL); - new = fib_trie_unmerge(old); + if (!old) + return 0; + new = fib_trie_unmerge(old); if (!new) return -ENOMEM;
The function fib_unmerge assumed the local table had already been allocated. If that is not the case however when custom rules are applied then this can result in a NULL pointer dereference. In order to prevent this we must check the value of the local table pointer and if it is NULL simply return 0 as there is no local table to separate from the main. Fixes: 0ddcf43d5 ("ipv4: FIB Local/MAIN table collapse") Reported-by: Madhu Challa <challa@noironetworks.com> Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com> --- net/ipv4/fib_frontend.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html