kernel: BIRD kernel syncer protocol issues on Linux
Ondrej Zajicek
santiago at crfreenet.org
Thu Sep 26 17:51:48 CEST 2013
On Thu, Sep 26, 2013 at 12:21:02PM +0300, Sergey Popovich wrote:
> Helo, BIRD developers!
>
> I have found few issues with kernel syncer on Linux with enabled
> route learning.
>
> There are few problems in sysdep/linux/rtnetlink.c with netlink
> code:
>
> * Use after free when accessing nl_table_map[] in nl_parse_route().
> * Possible race condition between rx buffer allocation nl_async_rx_buffer in
> for async socket and nl_open_async() and it's usage in nl_async_hook().
This race condition couldn't really happen because of singlethreadness,
but your change makes that cleaner.
> * Socket descriptor leakage in error path in nl_open_async() when
> bind(2) call fails.
>
> These problems addressed with patch
> bird-1.3.11-fix-shutdow~ath-in-rtnetlink.patch
Thanks, applied (both).
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20130926/7c76cee7/attachment-0001.asc>
More information about the Bird-users
mailing list