[ovs-dev] [patch v1] conntrack: Fix conn_update_state_alg use after free.

Darrell Ball dlu998 at gmail.com
Tue Jul 10 16:02:54 UTC 2018


Signed-off-by: Darrell Ball <dlu998 at gmail.com>
---

Needs backporting as far back as 2.8.

 lib/conntrack.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index e1c1f2e..b818584 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -1159,8 +1159,11 @@ conn_update_state_alg(struct conntrack *ct, struct dp_packet *pkt,
         } else {
             *create_new_conn = conn_update_state(ct, pkt, ctx, &conn, now,
                                                 bucket);
-            handle_ftp_ctl(ct, ctx, pkt, conn, now, CT_FTP_CTL_OTHER,
-                           !!nat_action_info);
+
+            if (*create_new_conn == false) {
+                handle_ftp_ctl(ct, ctx, pkt, conn, now, CT_FTP_CTL_OTHER,
+                               !!nat_action_info);
+            }
         }
         return true;
     }
-- 
1.9.1



More information about the dev mailing list