linux

History

Pavel Emelyanov 28518fc170 [NET]: NULL pointer dereference and other nasty things in /proc/net/(tcp\|udp)[6] Commits f40c81 ([NETNS][IPV4] tcp - make proc handle the network namespaces) and a91275 ([NETNS][IPV6] udp - make proc handle the network namespace) both introduced bad checks on sockets and tw buckets to belong to proper net namespace. I.e. when checking for socket to belong to given net and family the do { sk = sk_next(sk); } while (sk && sk->sk_net != net && sk->sk_family != family); constructions were used. This is wrong, since as soon as the sk->sk_net fits the net the socket is immediately returned, even if it belongs to other family. As the result four /proc/net/(udp\|tcp)[6] entries show wrong info. The udp6 entry even oopses when dereferencing inet6_sk(sk) pointer: static void udp6_sock_seq_show(struct seq_file seq, struct sock sp, int bucket) { ... struct ipv6_pinfo np = inet6_sk(sp); ... dest = &np->daddr; / will be NULL for AF_INET sockets */ ... seq_printf(... dest->s6_addr32[0], dest->s6_addr32[1], dest->s6_addr32[2], dest->s6_addr32[3], ... Fix it by converting && to \|\|. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>		2008-03-21 15:52:00 -07:00
..
9p	net: replace remaining __FUNCTION__ occurrences	2008-03-05 20:47:47 -08:00
802
8021q	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6	2008-03-18 00:37:55 -07:00
appletalk
atm
ax25
bluetooth	bluetooth: make bnep_sock_cleanup() return void	2008-03-05 18:47:40 -08:00
bridge	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6	2008-03-21 03:42:24 -07:00
can
core	[NET]: Add per-connection option to set max TSO frame size	2008-03-21 03:43:19 -07:00
dccp	net: replace remaining __FUNCTION__ occurrences	2008-03-05 20:47:47 -08:00
decnet
econet
ethernet
ieee80211	the scheduled ieee80211 softmac removal	2008-03-13 16:02:31 -04:00
ipv4	[NET]: NULL pointer dereference and other nasty things in /proc/net/(tcp\|udp)[6]	2008-03-21 15:52:00 -07:00
ipv6	[NETNS][IPV6] tcp6 - make proc per namespace	2008-03-21 04:14:45 -07:00
ipx
irda	net: replace remaining __FUNCTION__ occurrences	2008-03-05 20:47:47 -08:00
iucv
key
lapb
llc	net: replace remaining __FUNCTION__ occurrences	2008-03-05 20:47:47 -08:00
mac80211	the scheduled rc80211-simple.c removal	2008-03-13 16:02:31 -04:00
netfilter	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6	2008-03-21 03:42:24 -07:00
netlabel
netlink	netlink: make socket filters work on netlink	2008-03-21 15:46:12 -07:00
netrom
packet
rfkill
rose
rxrpc	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6	2008-03-18 00:37:55 -07:00
sched	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6	2008-03-18 00:37:55 -07:00
sctp	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6	2008-03-21 03:42:24 -07:00
sunrpc	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6	2008-03-18 00:37:55 -07:00
tipc	[TIPC]: Update version to 1.6.3	2008-03-06 15:08:40 -08:00
unix	net: replace remaining __FUNCTION__ occurrences	2008-03-05 20:47:47 -08:00
wanrouter
wireless	nl80211/cfg80211: support for mesh, sta dumping	2008-03-06 15:30:41 -05:00
x25
xfrm
compat.c
Kconfig
Makefile
nonet.c
socket.c
sysctl_net.c
TUNABLE