| To: | Stephen Hemminger <shemminger@xxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH] use after free in AF_ROSE |
| From: | "David S. Miller" <davem@xxxxxxxxxx> |
| Date: | Wed, 10 Dec 2003 14:53:26 -0800 |
| Cc: | ralf@xxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, linux-hams@xxxxxxxxxxxxxxx |
| In-reply-to: | <20031210100851.4b4a6927.shemminger@xxxxxxxx> |
| References: | <20031210100851.4b4a6927.shemminger@xxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Wed, 10 Dec 2003 10:08:51 -0800 Stephen Hemminger <shemminger@xxxxxxxx> wrote: > Doing multiple protocol testing and get crashes with simple > socket/close combo with AF_ROSE. The problem is that it > dereferences the socket in rose_release after it has already been > freed by rose_destroy_socket. > > This patch fixes that problem, and also uses sock_put to handle the > case where rose_destroy_socket is called with sk_refcnt > 1 which > might be possible if data comes in during close. Applied, thanks a lot Stephen. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: PMTU issues due to TOS field manipulation (for DSCP), David S. Miller |
|---|---|
| Next by Date: | Re: [RFC] SO_PEERSEC - security credentials for Unix stream sockets, David S. Miller |
| Previous by Thread: | [PATCH] use after free in AF_ROSE, Stephen Hemminger |
| Next by Thread: | PMTU issues due to TOS field manipulation (for DSCP), Kevin W. Rudd |
| Indexes: | [Date] [Thread] [Top] [All Lists] |