[ovs-dev] [PATCH] conntrack: Fix conn_type need be checked when remove rev_conn.
w00273186
wangyunjian at huawei.com
Mon Sep 11 09:49:39 UTC 2017
From: Yunjian Wang <wangyunjian at huawei.com>
The rev_conn need will be removed, only when conn_type is CT_CONN_TYPE_UN_NAT.
This crash will be triggered when remove conn in ct-clean thread.
Reported-by: Lili Huang <huanglili.huang at huawei.com>
Signed-off-by: Yunjian Wang <wangyunjian at huawei.com>
---
lib/conntrack.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/lib/conntrack.c b/lib/conntrack.c
index 419cb1d..c1adb56 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -684,9 +684,10 @@ nat_clean(struct conntrack *ct, struct conn *conn,
/* In the unlikely event, rev conn was recreated, then skip
* rev_conn cleanup. */
- if (rev_conn && (!nat_conn_key_node ||
- conn_key_cmp(&nat_conn_key_node->value,
- &rev_conn->rev_key))) {
+ if (rev_conn &&
+ (rev_conn->conn_type == CT_CONN_TYPE_UN_NAT) &&
+ (!nat_conn_key_node || conn_key_cmp(&nat_conn_key_node->value,
+ &rev_conn->rev_key))) {
hmap_remove(&ct->buckets[bucket_rev_conn].connections,
&rev_conn->node);
free(rev_conn);
--
1.8.3.1
More information about the dev
mailing list