bridge: vlan: Prevent possible use-after-free · 07bc588fc1 - Gogs: Go Git Service GfA electronic

فهرست منبع

bridge: vlan: Prevent possible use-after-free

When adding a port to a bridge we initialize VLAN filtering on it. We do
not bail out in case an error occurred in nbp_vlan_init, as it can be
used as a non VLAN filtering bridge.

However, if VLAN filtering is required and an error occurred in
nbp_vlan_init, we should set vlgrp to NULL, so that VLAN filtering
functions (e.g. br_vlan_find, br_get_pvid) will know the struct is
invalid and will not try to access it.

Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Ido Schimmel 9 سال پیش

والد

ce1050089c

کامیت

07bc588fc1

1فایلهای تغییر یافته به همراه2 افزوده شده و 0 حذف شده

مشاهده تقسیم شده نمایش آمار تفاوت ها

						
							+ 2
							
							- 0
						
net/bridge/br_vlan.c
							 
								مشاهده فایل
							
				@@ -914,6 +914,8 @@ out:
			
				 	return ret;
			
				 err_vlan_add:
			
				+	RCU_INIT_POINTER(p->vlgrp, NULL);
			
				+	synchronize_rcu();
			
				 	rhashtable_destroy(&vg->vlan_hash);
			
				 err_rhtbl:
			
				 	kfree(vg);