diff for duplicates of <20160121173733.GC3452@mrl.redhat.com> diff --git a/a/1.txt b/N1/1.txt index a847a55..b8be323 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -7,7 +7,7 @@ On Thu, Jan 21, 2016 at 03:18:18PM -0200, Marcelo Ricardo Leitner wrote: > > >> The following program causes use-after-free in __sctp_connect: > > >> > > > ... -> > >> INFO: Freed in sctp_association_put+0x150/0x250 age=0 cpu=3 pid\x15267 +> > >> INFO: Freed in sctp_association_put+0x150/0x250 age=0 cpu=3 pid=15267 > > >> [< none >] __slab_free+0x1fc/0x320 mm/slub.c:2678 > > >> [< inline >] slab_free mm/slub.c:2833 > > >> [< none >] kfree+0x2a8/0x2d0 mm/slub.c:3662 @@ -55,9 +55,9 @@ On Thu, Jan 21, 2016 at 03:18:18PM -0200, Marcelo Ricardo Leitner wrote: > <0.000366> > 2511 14:55:10 mmap(0x20000000, 65536, PROT_READ|PROT_WRITE, > MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 <0.000082> -> 2511 14:55:10 bind(3, {sa_family¯_INET6, sin6_port=htons(13280), -> inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo\x1882116169, -> sin6_scope_id305060172}, 28) = 0 <0.000119> +> 2511 14:55:10 bind(3, {sa_family=AF_INET6, sin6_port=htons(13280), +> inet_pton(AF_INET6, "::1", &sin6_addr), sin6_flowinfo=1882116169, +> sin6_scope_id=3305060172}, 28) = 0 <0.000119> > - bound to IPv6 > > 2511 14:55:10 mmap(NULL, 8392704, PROT_READ|PROT_WRITE, @@ -76,7 +76,7 @@ On Thu, Jan 21, 2016 at 03:18:18PM -0200, Marcelo Ricardo Leitner wrote: > 2511 14:55:10 <... setsockopt resumed> ) = 0 <0.000135> > 2512 14:55:10 <... set_robust_list resumed> ) = 0 <0.000133> > 2511 14:55:10 sendfile(3, 3, [0], 192 <unfinished ...> -> 2512 14:55:10 connect(3, {sa_family¯_INET, sin_port=htons(13273), +> 2512 14:55:10 connect(3, {sa_family=AF_INET, sin_port=htons(13273), > sin_addr=inet_addr("127.0.0.1")}, 128 <unfinished ...> > - connect to IPv4. This connect should timeout, as we can't find a > route between ipv4/ipv6. @@ -93,8 +93,8 @@ On Thu, Jan 21, 2016 at 03:18:18PM -0200, Marcelo Ricardo Leitner wrote: > > 2511 14:55:14 sendto(3, > "\0\0\0\0\0\0\0\1\335\1\370\375\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., -> 112, 0, {sa_family¯_INET6, sin6_port=htons(13276), inet_pton(AF_INET6, -> "::1", &sin6_addr), sin6_flowinfo512421652, sin6_scope_idB60889053}, +> 112, 0, {sa_family=AF_INET6, sin6_port=htons(13276), inet_pton(AF_INET6, +> "::1", &sin6_addr), sin6_flowinfo=3512421652, sin6_scope_id=4260889053}, > 128) = 112 <0.001601> > - sendto() to an IPv6 addr while connect() is still running. > - socket is not in established state. diff --git a/a/content_digest b/N1/content_digest index 568a694..5c20c3b 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -4,7 +4,7 @@ "ref\020160121171818.GB3452@mrl.redhat.com\0" "From\0Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>\0" "Subject\0Re: net/sctp: use-after-free in __sctp_connect\0" - "Date\0Thu, 21 Jan 2016 17:37:33 +0000\0" + "Date\0Thu, 21 Jan 2016 15:37:33 -0200\0" "To\0Vlad Yasevich <vyasevich@gmail.com>\0" "Cc\0Dmitry Vyukov <dvyukov@google.com>" Neil Horman <nhorman@tuxdriver.com> @@ -28,7 +28,7 @@ "> > >> The following program causes use-after-free in __sctp_connect:\n" "> > >>\n" "> > > ...\n" - "> > >> INFO: Freed in sctp_association_put+0x150/0x250 age=0 cpu=3 pid\025267\n" + "> > >> INFO: Freed in sctp_association_put+0x150/0x250 age=0 cpu=3 pid=15267\n" "> > >> [< none >] __slab_free+0x1fc/0x320 mm/slub.c:2678\n" "> > >> [< inline >] slab_free mm/slub.c:2833\n" "> > >> [< none >] kfree+0x2a8/0x2d0 mm/slub.c:3662\n" @@ -76,9 +76,9 @@ "> <0.000366> \n" "> 2511 14:55:10 mmap(0x20000000, 65536, PROT_READ|PROT_WRITE,\n" "> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 <0.000082>\n" - "> 2511 14:55:10 bind(3, {sa_family\302\257_INET6, sin6_port=htons(13280),\n" - "> inet_pton(AF_INET6, \"::1\", &sin6_addr), sin6_flowinfo\03082116169,\n" - "> sin6_scope_id305060172}, 28) = 0 <0.000119>\n" + "> 2511 14:55:10 bind(3, {sa_family=AF_INET6, sin6_port=htons(13280),\n" + "> inet_pton(AF_INET6, \"::1\", &sin6_addr), sin6_flowinfo=1882116169,\n" + "> sin6_scope_id=3305060172}, 28) = 0 <0.000119>\n" "> - bound to IPv6\n" "> \n" "> 2511 14:55:10 mmap(NULL, 8392704, PROT_READ|PROT_WRITE,\n" @@ -97,7 +97,7 @@ "> 2511 14:55:10 <... setsockopt resumed> ) = 0 <0.000135> \n" "> 2512 14:55:10 <... set_robust_list resumed> ) = 0 <0.000133> \n" "> 2511 14:55:10 sendfile(3, 3, [0], 192 <unfinished ...> \n" - "> 2512 14:55:10 connect(3, {sa_family\302\257_INET, sin_port=htons(13273),\n" + "> 2512 14:55:10 connect(3, {sa_family=AF_INET, sin_port=htons(13273),\n" "> sin_addr=inet_addr(\"127.0.0.1\")}, 128 <unfinished ...>\n" "> - connect to IPv4. This connect should timeout, as we can't find a\n" "> route between ipv4/ipv6.\n" @@ -114,8 +114,8 @@ "> \n" "> 2511 14:55:14 sendto(3,\n" "> \"\\0\\0\\0\\0\\0\\0\\0\\1\\335\\1\\370\\375\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\"...,\n" - "> 112, 0, {sa_family\302\257_INET6, sin6_port=htons(13276), inet_pton(AF_INET6,\n" - "> \"::1\", &sin6_addr), sin6_flowinfo512421652, sin6_scope_idB60889053},\n" + "> 112, 0, {sa_family=AF_INET6, sin6_port=htons(13276), inet_pton(AF_INET6,\n" + "> \"::1\", &sin6_addr), sin6_flowinfo=3512421652, sin6_scope_id=4260889053},\n" "> 128) = 112 <0.001601>\n" "> - sendto() to an IPv6 addr while connect() is still running.\n" "> - socket is not in established state.\n" @@ -154,4 +154,4 @@ "> More majordomo info at http://vger.kernel.org/majordomo-info.html\n" > -60829e3a4e7b0bc0ef4f2b0ddf3e2761303452854fa83a4df727b58e6999fe25 +7dd1f7bea5cc786d34ae489a02805667cb14fb244390a651611d031a361e012f
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.