linux/net
Vlad Yasevich 499923c7a3 ipv6: Fix NULL pointer dereference with time-wait sockets
Commit b2f5e7cd3d
(ipv6: Fix conflict resolutions during ipv6 binding)
introduced a regression where time-wait sockets were
not treated correctly.  This resulted in the following:

BUG: unable to handle kernel NULL pointer dereference at 0000000000000062
IP: [<ffffffff805d7d61>] ipv4_rcv_saddr_equal+0x61/0x70
...
Call Trace:
[<ffffffffa033847b>] ipv6_rcv_saddr_equal+0x1bb/0x250 [ipv6]
[<ffffffffa03505a8>] inet6_csk_bind_conflict+0x88/0xd0 [ipv6]
[<ffffffff805bb18e>] inet_csk_get_port+0x1ee/0x400
[<ffffffffa0319b7f>] inet6_bind+0x1cf/0x3a0 [ipv6]
[<ffffffff8056d17c>] ? sockfd_lookup_light+0x3c/0xd0
[<ffffffff8056ed49>] sys_bind+0x89/0x100
[<ffffffff80613ea2>] ? trace_hardirqs_on_thunk+0x3a/0x3c
[<ffffffff8020bf9b>] system_call_fastpath+0x16/0x1b

Tested-by: Brian Haley <brian.haley@hp.com>
Tested-by: Ed Tomlinson <edt@aei.ca>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-04-11 01:53:06 -07:00
..
9p 9p: fix sparse warning: cast adds address space 2009-02-26 23:13:32 -08:00
802 tr: fix leakage of device in net/802/tr.c 2009-04-11 01:43:17 -07:00
8021q gro: Fix vlan/netpoll check again 2009-03-17 13:10:52 -07:00
appletalk proc 2/2: remove struct proc_dir_entry::owner 2009-03-31 01:14:44 +04:00
atm proc 2/2: remove struct proc_dir_entry::owner 2009-03-31 01:14:44 +04:00
ax25 Revert "ax25: zero length frame filtering in AX25" 2009-03-27 17:23:42 -07:00
bluetooth proc tty: remove struct tty_operations::read_proc 2009-04-01 08:59:10 -07:00
bridge Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2009-03-26 01:22:01 -07:00
can proc 2/2: remove struct proc_dir_entry::owner 2009-03-31 01:14:44 +04:00
core net: netif_device_attach/detach should start/stop all queues 2009-04-11 01:43:10 -07:00
dcb DCB: fix kfree(skb) 2009-01-04 17:29:21 -08:00
dccp dccp: Do not let initial option overhead shrink the MPS 2009-03-02 03:07:23 -08:00
decnet net/*: use linux/kernel.h swap() 2009-03-21 13:36:17 -07:00
dsa dsa: add switch chip cascading support 2009-03-21 19:06:54 -07:00
econet net: convert usage of packet_type to read_mostly 2009-03-10 05:22:43 -07:00
ethernet eth: Declare an optimized compare_ether_addr_64bits() function 2008-11-23 23:24:32 -08:00
ipv4 ipv6: Fix NULL pointer dereference with time-wait sockets 2009-04-11 01:53:06 -07:00
ipv6 ipv6: Fix NULL pointer dereference with time-wait sockets 2009-04-11 01:53:06 -07:00
ipx ipx: use constant for strings and desciptor 2009-03-21 19:06:51 -07:00
irda proc tty: switch ircomm to ->proc_fops 2009-04-01 08:59:10 -07:00
iucv iucv: remove some pointless conditionals before kfree_skb() 2009-02-26 23:07:37 -08:00
key af_key: remove some pointless conditionals before kfree_skb() 2009-02-26 23:07:32 -08:00
lapb
llc proc 2/2: remove struct proc_dir_entry::owner 2009-03-31 01:14:44 +04:00
mac80211 trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
netfilter netfilter: ctnetlink: fix regression in expectation handling 2009-04-06 17:47:20 +02:00
netlabel netlabel: Cleanup the Smack/NetLabel code to fix incoming TCP connections 2009-03-28 15:01:37 +11:00
netlink Merge branch 'master' of /home/davem/src/GIT/linux-2.6/ 2009-03-26 15:23:24 -07:00
netrom Revert "netrom: zero length frame filtering in NetRom" 2009-03-27 17:22:55 -07:00
packet Network Drop Monitor: Adding kfree_skb_clean for non-drops and modifying end-of-line points for skbs 2009-03-13 12:09:28 -07:00
phonet trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
rds RDS: Use spinlock to protect 64b value update on 32b archs 2009-04-02 00:52:22 -07:00
rfkill net/rfkill/rfkill.c: fix unused rfkill_led_trigger() warning 2009-01-04 17:11:24 -08:00
rose af_rose/x25: Sanity check the maximum user frame size 2009-03-27 00:28:21 -07:00
rxrpc RxRPC: Fix a potential NULL dereference 2009-02-06 21:50:52 -08:00
sched net/*: use linux/kernel.h swap() 2009-03-21 13:36:17 -07:00
sctp proc 2/2: remove struct proc_dir_entry::owner 2009-03-31 01:14:44 +04:00
sunrpc Merge branch 'for-2.6.30' of git://linux-nfs.org/~bfields/linux 2009-04-06 13:25:56 -07:00
tipc tipc: fix non-const printf format arguments 2009-03-18 19:11:29 -07:00
unix New helper - current_umask() 2009-03-31 23:00:26 -04:00
wanrouter wanrouter: fix sparse warnings: context imbalance 2009-02-26 23:13:36 -08:00
wimax trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
wireless cfg80211: default CONFIG_WIRELESS_OLD_REGULATORY to n 2009-03-27 20:13:23 -04:00
x25 af_rose/x25: Sanity check the maximum user frame size 2009-03-27 00:28:21 -07:00
xfrm xfrm: spin_lock() should be spin_unlock() in xfrm_state.c 2009-03-27 00:23:04 -07:00
compat.c net: socket infrastructure for SO_TIMESTAMPING 2009-02-15 22:43:35 -08:00
Kconfig trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
Makefile RDS: Kconfig and Makefile 2009-02-26 23:43:35 -08:00
nonet.c
socket.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2009-04-06 18:05:43 -07:00
sysctl_net.c net: sysctl_net - use net_eq to compare nets 2009-03-16 16:23:30 +01:00
TUNABLE