[NETFILTER 03/03]: nfnetlink_log: fix crash on bridged packet

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: netfilter-devel@lists.netfilter.org, Patrick McHardy <kaber@trash.net>
Subject: [NETFILTER 03/03]: nfnetlink_log: fix crash on bridged packet
Date: Tue,  6 Mar 2007 08:44:05 +0100 (MET)	[thread overview]
Message-ID: <20070306074404.24479.71527.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20070306074400.24479.43171.sendpatchset@localhost.localdomain>

[NETFILTER]: nfnetlink_log: fix crash on bridged packet

physoutdev is only set on purely bridged packet, when nfnetlink_log is used
in the OUTPUT/FORWARD/POSTROUTING hooks on packets forwarded from or to a
bridge it crashes when trying to dereference skb->nf_bridge->physoutdev.

Reported by Holger Eitzenberger <heitzenberger@astaro.com>

Signed-off-by: Patrick McHardy <kaber@trash.net>

---
commit 8baa666cdecd6dbb774f0ceca9ea2738f893a02b
tree 950f54d9eec340efe42b10810994ee9f1b6887ba
parent fdc819454fe27437cdaac5674a18373657650068
author Patrick McHardy <kaber@trash.net> Tue, 06 Mar 2007 08:09:06 +0100
committer Patrick McHardy <kaber@trash.net> Tue, 06 Mar 2007 08:09:06 +0100

 net/netfilter/nfnetlink_log.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 12f92e2..5cb30eb 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -486,7 +486,7 @@ #else
 			 * for physical device (when called from ipv4) */
 			NFA_PUT(inst->skb, NFULA_IFINDEX_OUTDEV,
 				sizeof(tmp_uint), &tmp_uint);
-			if (skb->nf_bridge) {
+			if (skb->nf_bridge && skb->nf_bridge->physoutdev) {
 				tmp_uint =
 				    htonl(skb->nf_bridge->physoutdev->ifindex);
 				NFA_PUT(inst->skb, NFULA_IFINDEX_PHYSOUTDEV,

next prev parent reply	other threads:[~2007-03-06  7:44 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-03-06  7:44 [NETFILTER 00/03]: Netfilter fixes Patrick McHardy
2007-03-06  7:44 ` [NETFILTER 01/03]: nf_conntrack_ipv6: fix incorrect classification of IPv6 fragments as ESTABLISHED Patrick McHardy
2007-03-06  7:44 ` [NETFILTER 02/03]: nfnetlink_log: zero-terminate prefix Patrick McHardy
2007-03-06  7:44 ` Patrick McHardy [this message]
2007-03-07  4:25 ` [NETFILTER 00/03]: Netfilter fixes David Miller

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:12f92e2 dfblob:5cb30eb )
 OR (
bs:"[NETFILTER 03/03]: nfnetlink_log: fix crash on bridged packet" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070306074404.24479.71527.sendpatchset@localhost.localdomain \
    --to=kaber@trash.net \
    --cc=davem@davemloft.net \
    --cc=netfilter-devel@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.