Message ID | 1503642323-12248-1-git-send-email-huanglili.huang@huawei.com |
---|---|
State | Accepted |
Delegated to: | Darrell Ball |
Thanks for the fix, Lili.

I also updated AUTHORS.rst, since I did not find your name there.
I also added a Fixes tag and more detail to the commit message, and applied the patch to dpdk_merge here:
https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_darball_ovs_commits_dpdk-5Fmerge&d=DwIGaQ&c=uilaK90D4TOVoH58JNXRgQ&r=BVhFA09CGX7JQ5Ih-uZnsw&m=A2_FCacqbp2moAo3HGFlTuxsjONUGhlN42OBcAuQQ6w&s=b6btPKhgvOFr2GOUYvktND6kaC6jc3fXI-mXfvNgXOU&e=

This will need to go to 2.8 as well.

On 8/24/17, 11:25 PM, "ovs-dev-bounces@openvswitch.org on behalf of huanglili" <ovs-dev-bounces@openvswitch.org on behalf of huanglili.huang@huawei.com> wrote:

From: Lili Huang <huanglili.huang@huawei.com>

Conn should be removed from the list before freed.

This crash will be triggered when an established flow does ct(nat) again, like

"ip,actions=ct(table=1)
table=1,in_port=1,ip,actions=ct(commit,nat(dst=5.5.5.5)),2
table=1,in_port=2,ip,ct_state=+est,actions=1
table=1,in_port=1,ip,ct_state=+est,actions=2"

Signed-off-by: Lili Huang <huanglili.huang@huawei.com>

--- lib/conntrack.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/conntrack.c b/lib/conntrack.c index 1c0e023..4918aaf 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -805,6 +805,7 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt, * against with firewall rules or a separate firewall. * Also using zone partitioning can limit DoS impact. */ nat_res_exhaustion: + ovs_list_remove(&nc->exp_node); delete_conn(nc); /* conn_for_un_nat_copy is a local variable in process_one; this * memset() serves to document that conn_for_un_nat_copy is from -- 1.8.3.1

_______________________________________________
dev mailing list
dev@openvswitch.org
https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddev&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=BVhFA09CGX7JQ5Ih-uZnsw&m=vuMxVczeFb3Q6uRGj0RiEHsArdAc_4l8bUJACE8IyPc&s=mpsnR_2mI9eB1-58_lKZlnjYscN74wQWSe_are1qZjs&e=
diff --git a/lib/conntrack.c b/lib/conntrack.c index 1c0e023..4918aaf 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -805,6 +805,7 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt, * against with firewall rules or a separate firewall. * Also using zone partitioning can limit DoS impact. */ nat_res_exhaustion: + ovs_list_remove(&nc->exp_node); delete_conn(nc); /* conn_for_un_nat_copy is a local variable in process_one; this * memset() serves to document that conn_for_un_nat_copy is from
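Review bot: the ovs_list_remove(&nc->exp_node) added directly under the nat_res_exhaustion label runs unconditionally, so it is only safe if every goto to that label is taken after nc has been linked into the expiry list; the hunk does not show the insertion point, and unlinking a node that was never inserted writes through uninitialized prev/next pointers, which is as damaging as freeing a node that is still linked. Please confirm all jump sites satisfy that, and consider a one-line comment above the call naming the insertion it undoes, next to the existing comment block before delete_conn(nc). The four-flow reproducer in the commit message would also be worth turning into a regression test, since a freed node left on the list only surfaces when the list is next traversed.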