[ovs-dev] [patch_v1] conntrack: Reset nat_info in un_nat conns.

[Ben Pfaff]

On Tue, Jun 13, 2017 at 11:20:54AM -0700, Greg Rose wrote:
> On 06/13/2017 07:46 AM, Darrell Ball wrote:
> >Un-nat conns have no nat_info as do default conns.
> >However, un-nat conns are originally templated from the
> >corresponding default conns and therefore need to
> >have their nat_info explicitly nulled.  This
> >otherwise exposes a double free if conntrack_destroy()
> >were to be used to destroy the connection tracker.  This
> >would apply to cleaning the datapath after testing.
> >
> >Fixes: 286de2729955 ("dpdk: Userspace Datapath: Introduce NAT Support.")
> >Signed-off-by: Darrell Ball <dlu998 at gmail.com>
> >---
> >  lib/conntrack.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> >diff --git a/lib/conntrack.c b/lib/conntrack.c
> >index 146edd7..90b154a 100644
> >--- a/lib/conntrack.c
> >+++ b/lib/conntrack.c
> >@@ -573,6 +573,7 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt,
> >                  nc->conn_type == CT_CONN_TYPE_DEFAULT) {
> >                  *nc = *conn_for_un_nat_copy;
> >                  conn_for_un_nat_copy->conn_type = CT_CONN_TYPE_UN_NAT;
> >+                conn_for_un_nat_copy->nat_info = NULL;
> >              }
> >              ct_rwlock_unlock(&ct->nat_resources_lock);
> >
> >
> I don't have a way to test this right at the moment but it's pretty simple and looks good to me.
> 
> Thanks Darrell!
> 
> Acked-by: Greg Rose <gvrose8192 at gmail.com>

Thanks Darrell and Greg, I applied this to master.