Hi,
YOSHIFUJI Hideaki wrote:
> In article <[EMAIL PROTECTED]> (at Mon, 06 Mar 2006 21:50:33 +0100),
> Jean-Mickael Guerin <[EMAIL PROTECTED]> says:
> > This patch fixes a potential null pointer dereference (I never experienced
> > such a crash).
> > The patch is made for net-2.6.17.
>
> I disagree.
>
> It never happens, because (void *)&rt->u.dst is equal to (void *)rt,
> and dst_release() checks its argument.
Since I see nothing that guarantees that struct rtable will not be reorganized
to get better cache access patterns or similar, I would not trust this very
much.
What about sth. like this simple defensive patch instead
(against Linux 2.6.16-rc4)?
Regards
Ingo Oeser
--- net/ipv6/addrconf.c~ 2006-02-17 23:23:45.000000000 +0100
+++ net/ipv6/addrconf.c 2006-03-07 11:19:50.000000000 +0100
@@ -713,7 +713,8 @@
rt->rt6i_flags |= RTF_EXPIRES;
}
}
- dst_release(&rt->u.dst);
+ if (rt)
+ dst_release(&rt->u.dst);
}
in6_ifa_put(ifp);
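Review bot: the new `if (rt)` guard comes after `rt->rt6i_flags |= RTF_EXPIRES;` in the context lines above it, so it only helps if that earlier dereference is itself under a NULL check; the enclosing conditions are outside this hunk and should be confirmed before relying on the guard. As stated in the thread, dst_release() already checks its argument, so the added test matters only if `u.dst` stops being at the start of the structure; a one-line comment saying so would explain why the check exists. The patch as posted also has no changelog text or Signed-off-by line.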